[Samba] getting rid of lmhashes?
Gerald (Jerry) Carter
jerry at samba.org
Thu Mar 2 20:35:50 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Proehl wrote:
> I am aware, that both hashes are equivalent to clear text passwords
> and must be protected therefore. But cracking passwords with tools
> like john is much faster, if the lm hashes are available, so i think
> there should be an option to disable them.
If you use passwords >14 characters in length, I'm sure the
lanman hashes are not generated. I would need to dig through
the code to remember how to prevent them from being generated
in other scenarios. Maybe later.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEB1cmIR7qMdg1EfYRAmsWAKDhr7cdiCo7ceN6dmMuh0PuqvpBuwCfdxhN
pSwlfWrOXt+MCqrJIvlZ2Yc=
=Th2T
-----END PGP SIGNATURE-----
More information about the samba
mailing list