From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
>> By rehashed I meant 2 layers of hashing...
>> You sha512 the old md5 hash while keeping the knowledge that it was an md5
> hash.
>> So, when the user enters its passwd, it would be md5 hashed and then sha512
> hashed and compared...
> this does not make any sense or differene and would decrase security
> keep in mind that hashes normally contain only [a-z][0-9]
> if you store the knowledge you have no need to convert
> if you have a secure password like "y*!#Anf&%" your hash has
> no longer special-chars and uppercase-letters, hashing this
> again would result in a less secure one with more possible
> collisions
I know all the security implications...
My post was about transparent backward-compatibility.
Anyway, it works.
Thx,
JD
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
