On Fri, 7 Mar 2014 09:13:30 -0500 John Baldwin wrote:

> I am assuming that an administrator wants the transparent upgrade
> (which I think is useful) because they are assuming that the hash
> algorithm is compromised or inferior.

I'd expect it to be done well in advance of that to give plenty of time for the transition. We are talking about brute-force attacks, and GPU development is relatively predictable. And let's not lose sight of the fact that we are only talking about limited mitigation after an attacker has gained root access, not front-line security.

> I suppose if you really were paranoid about the hash what you would
> want is an ability to set an expiration time on the hash algo itself
> where authentication using that hash always fails after the
> expiration time.

Whenever I've been required to change passwords it's always been imposed immediately after a login. Just locking out an account sounds very heavy-handed to me. It seems like it would be trivial to extract a list of accounts using the old-style hashes from master.passwd - at least that way you can send them an email.

Received on Fri Mar 07 2014 - 17:48:12 UTC
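The extraction the reply describes, as an added example rather than code from the thread or from FreeBSD: a small Python script that parses master.passwd(5) lines, classifies each password field by its crypt(3) modular prefix ($1$ MD5, $sha1$, $2a$/$2b$ bcrypt, $5$ SHA-256, $6$ SHA-512, or a bare 13-character DES string), and lists the accounts still on a hash you have not chosen to accept, skipping locked and passwordless entries. The file contents below are constructed placeholders, not real hashes, and the default accepted set (SHA-512 and bcrypt), the helper names and the Account record are assumptions made for this example.

```python
import re
from collections import Counter
from typing import List, NamedTuple

# Constructed sample master.passwd content for this example only; the salts
# and hash bodies are placeholders, not real hashes from any system.
# Field order: name:password:uid:gid:class:change:expire:gecos:home:shell
SAMPLE_MASTER_PASSWD = """\
# constructed sample, not a real master.passwd
root:$6$1Y5PdGuqzCd9uVWB$constructedhashvalue0:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
alice:$1$pUx3dEXk$constructedhashvalue1:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:abJnggxhB/yWI:1002:1002::0:0:Bob:/home/bob:/bin/tcsh
carol:$2b$10$constructedbcryptsaltandhashvalue:1003:1003::0:0:Carol:/home/carol:/bin/sh
dave:*LOCKED*$6$Qw7ThqzHaM5v9Y9Q$constructedhashvalue2:1004:1004::0:0:Dave:/home/dave:/bin/sh
erin:$5$zYt3oMbq$constructedhashvalue3:1005:1005::0:0:Erin:/home/erin:/bin/sh
"""

# Modular-crypt prefixes understood by FreeBSD's crypt(3).
_PREFIXES = {
    "$1$": "md5",
    "$sha1$": "sha1",
    "$2a$": "bcrypt",
    "$2b$": "bcrypt",
    "$5$": "sha256",
    "$6$": "sha512",
}
# Traditional DES crypt: exactly 13 characters from the crypt alphabet.
_DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")


def classify_hash(field: str) -> str:
    """Name the algorithm behind one master.passwd password field."""
    if field == "":
        return "none"      # no password set at all
    if field.startswith("*"):
        return "locked"    # '*' alone, or '*LOCKED*<hash>' as written by pw(8) lock
    for prefix, algo in _PREFIXES.items():
        if field.startswith(prefix):
            return algo
    if _DES_RE.match(field):
        return "des"
    return "unknown"


class Account(NamedTuple):  # assumed record type for this example
    name: str
    algo: str
    uid: int
    shell: str


def parse_master_passwd(text: str) -> List[Account]:
    """Parse master.passwd text (comments and blank lines skipped) into records."""
    accounts = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 10:
            raise ValueError(f"malformed master.passwd line: {raw!r}")
        name, pw, uid, _gid, _cls, _chg, _exp, _gecos, _home, shell = fields
        accounts.append(Account(name, classify_hash(pw), int(uid), shell))
    return accounts


def legacy_accounts(text: str, accepted=("sha512", "bcrypt")) -> List[str]:
    """Names of accounts whose hash is not in the accepted set; locked and
    passwordless entries are excluded since there is nobody to email about them."""
    return [a.name for a in parse_master_passwd(text)
            if a.algo not in accepted and a.algo not in ("locked", "none")]


def algorithm_summary(text: str) -> dict:
    """Count of accounts per hash algorithm, for a quick inventory."""
    return dict(Counter(a.algo for a in parse_master_passwd(text)))


if __name__ == "__main__":
    # On a real host read /etc/master.passwd (mode 0600, root only) instead.
    print("inventory:", algorithm_summary(SAMPLE_MASTER_PASSWD))
    for name in legacy_accounts(SAMPLE_MASTER_PASSWD):
        print(f"needs rehash on next login: {name}")
```

Running it on a real system means reading /etc/master.passwd as root, which is exactly the point the reply makes: the hash format only matters once an attacker already has that file. The accepted set is deliberately a parameter so the same inventory can drive a policy that treats SHA-256 as still fine, or one that treats anything but bcrypt as due for replacement.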
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:47 UTC