On Wed, Dec 31, 2008 at 3:16 PM, Richard Chycoski <[email protected]> wrote: > This is actually more dangerous (security-wise) because with NIS you are > exposing the encrypted passwords via NIS, which can then be used to crack the > passwords. NIS passwords are also limited to eight characters, and if you > sync (or allow your users to sync) their NIS and AD passwords, you are > exposing both your Windows and Unix accounts. AD passwords can be much longer > than eight characters and the encrypted format is not exposed to the world > (unless you do something really bad to your AD config :-).
Which OS still limits NIS passwords to 8 characters and/or weak encryption? _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
