[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2199-gcc23f91

Neal A. Lucier nlucier at math.purdue.edu
Mon Apr 28 20:33:23 GMT 2008

Neal A. Lucier wrote:
 > Andreas Schneider wrote:
 >> There is a patch on the linux-cifs mailinglist to extend the password
 >> check.
 >> http://lists.samba.org/archive/linux-cifs-client/2008-January/002606.html
 >> So shouldn't MOUNT_PASSWD_SIZE set to 128 and the patch from the
 >> mailinglist applied too?
 > Windows actually supports password lengths up to 255, the max for their
 > hashing algorithm in NTLM.
 > However, the Windows GUI login box (that entire API, so where ever it is
 > called in Windows, not just the initial Login window; e.g. the password
 > change dialog box, the RunAs GUI, the mount a drive GUI) can only accept
 > 127 characters in the password field.
 > I read this in an MS whitepaper which I can dig up, (I realize I'm not
 > very authoritative on this list

The document I was thinking of (which the printed copy had fallen behind my
desk) was:


Which says two paragraphs after Figure 2:
Internally, Windows represents passwords in 256-character UNICODE strings. The
logon dialog is limited to 127 characters, however. Therefore, the longest
password that can be used to log on interactively to a computer running Windows
is 127 characters. Theoretically, programs such as services can use longer
passwords, but they must be set programmatically because the password change
dialog will not allow a password longer than 127 characters.

Which isn't too informative, but I also emailed steve.riley at microsoft.com asking
what I had previously stated as fact and he wrote back:

Your understanding is correct.

* For NT hashes (the hashes used for NTLM, NTLMv2, and Kerberos authentication
methods) the absolute maximum password length is 255 characters. The winlogon
UI, however, limits the length to 127.

But unfortunately, I didn't need to do any of this additional looking as Steve
French was already on top of it:


If Samba would remove the hard coded limits on password lengths and go with the
255 character maximum this would make Samba's use of NT hashes more feature
complete than Windows with interactivity support for password greater than 127
characters.  (I'm not sure how many people really need support for passwords in
the 128-255 character range, but you could give it to them.)

Additionally samba should not stop a user from entering passwords that are
greater in length than 255 characters; if a user does, than the entered value
should just be truncated to 255 characters for computation of the hash.  While
this was implicitly raised a little in linux-cifs-client list for LM hashes the
same concept of truncation for >255 character NT hashes should be used.  UNIX
systems quietly truncate in the case of crypt passwords, and NT systems do the
same for LM passwords (I realize those are both examples of previous generation
hashes and maybe the truncation logic shouldn't apply to NT or other modern hashes.)

Just my 2 Trollian cents.


More information about the samba-technical mailing list