Password sync

[Jeremy Allison]

Paul J Collins wrote:
> 
> >>>>> "Jeremy" == Jeremy Allison <jeremy at valinux.com> writes:
> 
>     Jeremy> The lanman hash *is* trivial and brute forcible, and this
>     Jeremy> makes the security of the NT hash irrelevent, as you only
>     Jeremy> need to brute force the lanman one.
> 
> Aargh.  I'd forgotten about that one.  Does NT ever require the LM
> hash?

No, but it accepts it by default unless you mess with
registry settings that I can't remember. Almost no-one
does (mainly because if you did so, no Win9x/WinME machines
would work). Plus they probably can't remember them either :-).

So the lanman hash disaster lives on, and on, and on....

Jeremy.


-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------