Default encrypted passwords = yes?

Jay Ts jay at
Thu Sep 27 10:11:03 GMT 2001

> On Thu, 27 Sep 2001, James Nord wrote:
> >     "If it uses unencrypted passwords over the network get rid of it
> > and replace it with an encrytped equivellent" Any option that makes
> > any program less secure should always be disabled.

This is very good advice to give if you are talking to a group
as a security consultant! ;)

Gerald Carter wrote:
> Sorry.  I completely agree with all security measures,
> but enabling "encrypt passwords = yes" as the default
> is just asking to triple help requests.  It is too confusing
> when installing Samba for the first time.

I would like to point out a couple things:

1. Modern versions of Windows use "encrypted" passwords by default,
   so the sysadmin at some point (perhaps very early in the installation
   and configuration process) has to deal with them ... or else find
   out how to make registry mods to disable the password encryption,
   which is much more complicated than simply supporting them ... which
   would be much simpler to do if they were enabled by default!

2. Even if the above were not true, from a security perspective a
   Samba server with non-encrypted passwords is only good for an
   "evaluation" Samba installation.  A Samba server put into service
   in a production environment IMO really needs to have both encrypted
   passwords enabled, and function as a domain controller.  Without
   both of these, it is way too easy to break into a user account on
   the Samba Unix host system.  (Unless none of those user accounts have
   shell access.)

- Jay Ts
jayts at

More information about the samba-technical mailing list