> > This is a result of UNIX crypt (I believe). Standard unix passwords only
> > handle the first 8 characters of a password; RH6.0 allows you to install MD5
> > passwords, which can give you additional length, if desired.
>
> Most Linux distributions do this.
>
> Anyone relaying on DES passwd encryption these days could be said to
> have no passwd encryption at all - the entire legal 1-8 character passwd
> space will fit in less than 4Gb, so a determined cracker can fairly
> quickly determine what any given crypted password really is.
What????????? where do you get 4GB from?
there are almost 10^16 legal passwords.
PLus you're fogetting the salt which is designed to stop this preencoded
dictionary approach....
4GB maybe - if your users are instructed only to use Numbers.
