Firewall Wizards mailing list archives
Re: password aging
From: "Paul M. Cardon" <pmarc () cmg fcnbd com>
Date: Wed, 26 Aug 98 11:08:58 -0500
"H. Morrow Long" thus spake unto me:
I'm presuming that you should store hashes of previous passwords, and not store the actual passwords themselves... - Morrow
That would seem obvious except that a one-way hash will leave you with the ability to check for prior use of exactly the same password but not use of a closely similar password. -paul
Current thread:
- password aging Adam Shostack (Aug 19)
- Re: password aging Rick Smith (Aug 23)
- <Possible follow-ups>
- Re: password aging Steve Bellovin (Aug 19)
- Re: password aging R. DuFresne (Aug 23)
- Re:password aging Harvey Nusz (Aug 19)
- Re: password aging HASSAN . KARIM (Aug 19)
- Re: password aging H. Morrow Long (Aug 23)
- Re: password aging Adam Shostack (Aug 24)
- Re: password aging Paul M. Cardon (Aug 26)
- Re: password aging Stephen P. Gibbons (Aug 27)
- Re: password aging Massimo Brogioni (Aug 27)
- Re: password aging John McDermott (Aug 24)
- Re: password aging Paul McNabb (Aug 28)
- Re: password aging Stephen P. Gibbons (Aug 28)
- Re: password aging Paul McNabb (Aug 28)
- Re: password aging Stephen P. Gibbons (Aug 30)
- RE: password aging KirkAdams (Aug 30)