Update for 02-02-22 14:45
This commit is contained in:
parent
3f68debd82
commit
390f012fa9
@ -22,6 +22,12 @@ Derived requirements from this,
|
||||
== means of authentication ==
|
||||
|
||||
* password/pin
|
||||
* ID that goes with password must be unique
|
||||
* Vulns
|
||||
* dictionary
|
||||
* popular password
|
||||
* password guessing against 1 user
|
||||
* Social engineering password out of user
|
||||
* physical token (IE smart card)
|
||||
* static biometrics (IE finger/face)
|
||||
|
||||
|
@ -30,6 +30,7 @@ Hiding information
|
||||
|
||||
* [[Signatures]]
|
||||
* [[digital_authentication]]
|
||||
* [[unix_password]]
|
||||
|
||||
=== Misc ===
|
||||
|
||||
|
23
tech/unix_password.wiki
Normal file
23
tech/unix_password.wiki
Normal file
@ -0,0 +1,23 @@
|
||||
= unix password scheme =
|
||||
|
||||
== logging in ==
|
||||
|
||||
* Take password and salt into hash function
|
||||
* store it into a local file including
|
||||
* user id
|
||||
* salt
|
||||
* hash
|
||||
|
||||
== logging out ==
|
||||
|
||||
* User id is fetched as well as salt
|
||||
* given password is hashed with salt
|
||||
* compare stored hash against outputted hash
|
||||
|
||||
== Improvements ==
|
||||
|
||||
* Use MD5 hash
|
||||
* 48 bit salt
|
||||
* password length is unlimited
|
||||
* 128bit hash
|
||||
* Uses inner loop with 1000 iterations
|
Loading…
Reference in New Issue
Block a user