user webmaster
pass webmaster00

I don't like that at all. You're right. it is comparing to the crypt password. Any way to convert an entire large site of cdb files (probably 150 domains) into MD5? Actually coverting is the wrong word [since you can't do that unless there is clear text passwords], but rather to have it choose between both MD5 and CRYPT passwords (based on length) to migrate from crypt to MD5? I'd love to migrate away from it if this is the type of problems it causes... Then I could just make a script to md5-encrypt where a clear password exists [which is most of them, and in any cases, the accounts which are used]. Has anyone done this? Is it an all-or-nothing game?


From: "Paul L. Allen" <[EMAIL PROTECTED]>
Subject: [vchkpw] Re: SMTP-Auth bug in passwords?
Date: Wed, 10 Sep 2003 13:30:27 GMT

Mike Miller writes:

> Nope. Not using MD5 passwords.

That would explain it then.  As Tom said, DES-style crypt ignores
after the first eight characters of the password.  MD5-style crypt has a
higher limit, from memory I believe it's something like 126.

Paul Allen
Softflare Support

The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail

Reply via email to