Security Basics mailing list archives
RE: Using non-printable characters in passwords
From: Birl <sbirl () temple edu>
Date: Mon, 25 Aug 2003 15:46:33 -0400 (EDT)
As it was written on Aug 12, thus Chris Berry spake unto security-basics@se...: Chris: Date: Tue, 12 Aug 2003 17:57:50 -0700 Chris: From: Chris Berry <compjma () hotmail com> Chris: To: security-basics () securityfocus com Chris: Subject: RE: Using non-printable characters in passwords Chris: Chris: >From: "dave kleiman" <dave () netmedic net> Chris: >Not quite; Chris: > Chris: >If you pass the 14 character margin, No LM hash will be stored of the Chris: >password. 14 characters is its limit, so if you enforce a policy of 15 or Chris: >greater you do not have to worry about it. Chris: Chris: That's true, but I wouldn't rely on that. It's pretty easy to disable the Chris: storing of the LM hash permanently. Chris: Chris: Chris Berry I disable LM hash by default. I have long SecEdit file that tightens the whole machine down (too tight sometimes) My question is this: when was over 14 characters possible in NT? I always ran into problems with passwords over 14 characters. Cannot remember what the problem was off-hand, I'll have to see if I can replicate it .... might have been NT4 --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- Re: Using non-printable characters in passwords, (continued)
- Re: Using non-printable characters in passwords Birl (Aug 07)
- RE: Using non-printable characters in passwords dave kleiman (Aug 08)
- RE: Using non-printable characters in passwords Optrics Engineering - Shaun Sturby, MCSE (Aug 07)
- Re: Using non-printable characters in passwords Jay Woody (Aug 08)
- Re: Using non-printable characters in passwords Mr Babak Memari (Aug 11)
- RE: Using non-printable characters in passwords Meidinger Chris (Aug 12)
- RE: Using non-printable characters in passwords Birl (Aug 26)
- RE: Using non-printable characters in passwords Chris Berry (Aug 12)
- RE: Using non-printable characters in passwords dave kleiman (Aug 13)
- RE: Using non-printable characters in passwords Chris Berry (Aug 13)
- RE: Using non-printable characters in passwords Birl (Aug 26)
- Re: Using non-printable characters in passwords Birl (Aug 07)