On 12/08/14 12:24, Helen Borrie wrote: > At 09:31 p.m. 8/12/2014, Mark Rotteveel wrote: >> On Mon, 08 Dec 2014 07:48:21 +1300, Helen Borrie <[email protected]> >> wrote: >>> The release notes in your Fb3 download kit are missing the Compatibility >>> chapter (Ch. 12), which explains what you need to do. >>> >>> Please download the newest build of the release notes from here: >>> >>> >> http://web.firebirdsql.org/download/prerelease/rlsnotes/Firebird-3.0.0_Beta1-ReleaseNotes.pdf >> >> Hi Helen, >> >> Chapter 12 says: >> >> "An effective password, using the default user manager Srp, can be up to >> 20 characters. If you have already configured the server to use legacy >> authentication (see below >> ), or you intend to do so, then only the first 8 characters of any >> password, including that of the SYSDBA, will be read." >> >> As I remarked before this isn't true, the password is effectively >> unlimited, or at least substantially longer than 20 characters (I have >> tested it upto a 100+ characters). Please don't confuse the size of the >> resulting hash with the allowed size of the password. > It is true that passwords can be much longer (although not "unlimited"). I > think Alex mentioned 256 characters, or thereabouts.
No, not 256 bytes. 255 bytes is a limit of a string, stored in DPB v.1, but in FB3 one can use DPB v.2, which can have entries up to 4GB-1 inside. So I think that the closest limit for password length is the length of SQL string in PASSWORD clause of CREATE/ALTER USER command. > I'm not confusing it. In Firebird 3 currently, i.e., Beta 1, SRP is the one > available user manager other than legacy. An EFFECTIVE password with SRP is > 20 characters or less, due to the hash algorithm. That's it. Yes. For password >20 bytes sooner of all exists shorter one with same hash value. > Legacy authentication still does not read passwords past the eighth > character.....or have I missed something? You are absolutely right. Legacy remains legacy. ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
