[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slappasswd question

To: Andrew Kay <andrewjkay@gmail.com>
Subject: Re: slappasswd question
From: Greg Martin <gmartin@gmartin.org>
Date: Sun, 31 Dec 2006 12:32:05 -0500
Cc: openldap-software@openldap.org, greg.martin18@verizon.net
In-reply-to: <d5ec60970612310504v34b49058pbac416d94bebceb5@mail.gmail.com>
References: <45973C9A.8030605@gmartin.org> <d5ec60970612310504v34b49058pbac416d94bebceb5@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061206 Thunderbird/1.5.0.9 Mnenhy/0.7.4.666

Interesting concept. So if I generate a SSHA hash and do not specify a salt, does slappasswd pick one? Any idea how long it is?

Thanks,

\\Greg

Andrew Kay wrote:

Greg,

I imagine it uses a password salting technique (see
http://en.wikipedia.org/wiki/Password_salting) in order to better
protect the hashed password from a precompiled dictionary attack.  If
password salting is used the salt is comonly stored as the prefix of
the value you see.


Andrew

References:
- slappasswd question
  - From: Greg Martin <gmartin@gmartin.org>
- Re: slappasswd question
  - From: "Andrew Kay" <andrewjkay@gmail.com>

Prev by Date: Re: slappasswd question
Index(es):
- Chronological
- Thread