[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slappasswd question

Interesting concept. So if I generate a SSHA hash and do not specify a salt, does slappasswd pick one? Any idea how long it is?



Andrew Kay wrote:

I imagine it uses a password salting technique (see
http://en.wikipedia.org/wiki/Password_salting) in order to better
protect the hashed password from a precompiled dictionary attack.  If
password salting is used the salt is comonly stored as the prefix of
the value you see.