OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
SuSE security discussion: Re: [suse-security] Passwords

Re: [suse-security] Passwords

Subject: Re: [suse-security] Passwords
From: Hans Klein (hansi.kleinnet-con.net)
Date: Sun Jan 30 2000 - 09:45:23 CST

At 15:30 30.01.00 +0000, Brian Galbraith wrote:
>Hi
>I have been looking into passwords on my system (6.3)
>I have been using the same password for root and myself as a user (not
>good practise I know) This was ok for me....but now that I have also
>set up my children as users I wanted to change my root password to be
>sure that they could not watch me and gain root access.
> I discovered something which surprised me. I wanted to keep the new
>pass word similar ...but different.
>
>eg. My old pass phrase which I used for root and user brian was
> abcdefgh . I changed my root pass word to abcdefghxy.
>
>However I was still able to log in as root using abcdefgh, AND
>abcdefghxy
>
>How can this happen? I have now changed it to abcdejkl and now have
>proper access restored.

Passwords can have a maximum of 8 characters, each character more is ignored ! 

-- 
und servus         <o)
Hans Klein         /\\
                  _\_v
/* http://www.net-con.net */

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com

This archive was generated by hypermail 2b27 : Sun Jan 30 2000 - 09:46:48 CST