Am 2018-03-26 10:46, schrieb Clint Dilks:
Hi, as you why it is insecure the biggest reason is that it is trivial
for
a user to get sensitive information about other users. Particularly
things
like password hashes, and with the compute power available today
cracking a
hash is not impractical.
You don't even need to crack them yourself.
If you have the hashes, you can just use rainbow-tables available
online, sometimes for a small fee.
Still relying on NIS is barely different from not having a password at
all and just using a login.
In both cases, you have to trust your users - it's no different.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
