Password sync

Jeremy Allison jeremy at valinux.com
Wed Jul 19 18:03:48 GMT 2000


Paul J Collins wrote:

> NT's password format is neither insecure nor trivial.  It is a one-way
> hash.  

This is true, but the implementation is badly flawed.
There is no salt - meaning if two users pick the same
password it will be an identical hash.

The second problem is not the NT password hash but the
legacy lanman hash which is usually stored with the
more secure NT hash.

The lanman hash *is* trivial and brute forcible, and
this makes the security of the NT hash irrelevant, as
you only need to brute force the lanman one.

Jeremy Allison,
Samba Team.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
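
An audit for the two weaknesses named in the message above, as an added example that is not part of the original post or of Samba's code: because the hash is unsalted, accounts sharing a password share an NT hash, and any account with a lanman hash stored beside it is only as strong as that lanman hash. It assumes an smbpasswd-style text file (name:uid:LM hash:NT hash:...) in which a field of 32 hex digits is a stored hash and anything else (such as a run of X characters) means none is stored; the function names and the sample records are constructed for illustration.

```python
from collections import defaultdict

# Constructed smbpasswd-style sample: name:uid:LM hash:NT hash:flags:last change.
# The hex strings are made-up placeholders, not hashes of real passwords.
SAMPLE = """\
# constructed sample data
alice:1001:11111111111111112222222222222222:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:[U          ]:LCT-39760000:
bob:1002:11111111111111112222222222222222:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:[U          ]:LCT-39760001:
carol:1003:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:[U          ]:LCT-39760002:
dave:1004:33333333333333334444444444444444:CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC:[U          ]:LCT-39760003:
"""

HEX_DIGITS = set("0123456789abcdefABCDEF")


def is_stored_hash(field):
    """Assumption: a stored hash is exactly 32 hex digits; other values mean 'none'."""
    return len(field) == 32 and all(c in HEX_DIGITS for c in field)


def parse_records(text):
    """Yield (user, lm_field, nt_field), skipping blanks, comments and short lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) >= 4:
            yield parts[0], parts[2], parts[3]


def audit(text):
    """Report accounts that share an NT hash and accounts that still store an LM hash."""
    users_by_nt = defaultdict(list)
    lm_stored = []
    for user, lm, nt in parse_records(text):
        if is_stored_hash(nt):
            # No salt: equal passwords give equal hashes, so equal hashes
            # identify accounts that share a password.
            users_by_nt[nt.upper()].append(user)
        if is_stored_hash(lm):
            lm_stored.append(user)
    shared = sorted(sorted(users) for users in users_by_nt.values() if len(users) > 1)
    return {"shared_password_groups": shared, "lm_hash_stored": sorted(lm_stored)}


if __name__ == "__main__":
    for finding, value in audit(SAMPLE).items():
        print(finding, value)
```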


More information about the samba-ntdom mailing list