Password sync
Jeremy Allison
jeremy at valinux.com
Wed Jul 19 19:16:58 GMT 2000
Paul J Collins wrote:
>
> >>>>> "Jeremy" == Jeremy Allison <jeremy at valinux.com> writes:
>
> Jeremy> The lanman hash *is* trivial and brute forcible, and this
> Jeremy> makes the security of the NT hash irrelevent, as you only
> Jeremy> need to brute force the lanman one.
>
> Aargh. I'd forgotten about that one. Does NT ever require the LM
> hash?
No, but it accepts it by default unless you mess with
registry settings that I can't remember. Almost no-one
does (mainly because if you did so, no Win9x/WinME machines
would work). Plus they probably can't remember them either :-).
So the lanman hash disaster lives on, and on, and on....
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-ntdom
mailing list