FreeBSD maximum password length

Teske, Devin Devin.Teske at fisglobal.com
Mon Jun 17 17:25:58 UTC 2013 

On Jun 17, 2013, at 7:47 AM, Eduardo Morras wrote:

> On Mon, 17 Jun 2013 17:49:56 +0330
> takCoder <tak.official at gmail.com> wrote:
>> 
>> I need to moderate the input password in my system's user interface. And I
>> believe i have tested longer passwords than that, about 1000 characters
>> long, and there was no limitations, via using this command in a /bin/sh
>> test shell script : "echo PASSWORD | pw user mod USER -h 0".
> 
> If I remember well, any password longer than default size is truncated, so passwords
> 
> a) 'AhN12Njufsn8794432kjfvsnkkJHNDSMNDKh844mNJKnhjhu8u8424'
> b) 'AhN12Njufsn8794432kj'
> 
> have the same salt hash value and both validate the user.
> 

Depends on the hashing algo.

Old crypt(3) stored passwords with a 12-bit (2x Base64 characters; [0-9a-zA-Z./]) followed by the hashed cleartext.

This [ancient] format limited password input to 8 characters. With this algorithm, input beyond 8 characters was ignored, so the behavior you describe is accurate -- with the old DES based one-way hash algorithm (which hasn't been default for a vey long time).

The default in FreeBSD is MD5, but you can go to AES256 (Rijndael) if you like, or Blowfish, or whatever you like. Each of these has different limitations, but will not exhibit the behavior you describe above.

There is no limit to these algorithms, only in the implementations -- that is to say that if you implement a read-buffer of 128k, that's the practical limit of your applications input (read: these algorithms have no limitations on input, however that being stated… no CRC algorithm has a limitation on input).

But be aware…

What makes these algorithms more secure is their larger salts *and* their stated rate of collisions.

MD5 is no longer considered secure. It's secure *enough* for most people, but if you run a tight ship, any one with a few multiplexed GPUs running a CUDA thread against your hash can break it in a matter of a week if not days. The benchmark (in my mind) for any cryptographically strong algo is that with almost dream-like hardware, it would still be impossible to reverse the one-way trapdoor hash in one's-own lifetime.

Of course, achieving that as a human can be hard considering that we rarely (if ever) produce strong inputs to the strong algorithms. However, if you want to be pedantic about choosing a strong password… you should actually take respite in the fact that these algorithms is still like their CRC brethren in that:

Inputs greater than the hash length are cryptographically more secure than inputs shorter than the hash length.

I digress…
-- 
Devin

_____________
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.

More information about the freebsd-questions mailing list