As I understand it I would have to double the length of a hashed
password for it to be as secure as an un-hashed one, as each pair of
characters represent one byte. Aye?

-Modulok-

On 8/4/09, RW <rwmailli...@googlemail.com> wrote:
> On Mon, 3 Aug 2009 22:20:50 -0800
> Mel Flynn <mel.flynn+fbsd.questi...@mailing.thruhere.net> wrote:
>
>> On Monday 03 August 2009 18:28:52 Modulok wrote:
>>
>> > I wrote a python script which uses /dev/random, and hashes the
>> > output with sha256. I then truncate the output to the desired
>> > length. Blasphemy! According to the superstitious password crowd my
>> > passwords are not very secure ... maybe.
>>
>> They aren't, because you reduce the random to a much less random,
>> *because* you are hashing.
>
> Not in FreeBSD, it's a 256bit PRNG and a 256 bit hash.
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to