= Unix password scheme =
== logging in ==
* Feed the password and salt into the hash function
* Store the result in a local file, including:
  * user id
  * salt
  * hash
== logging out ==
* The user id is fetched along with the stored salt
* The given password is hashed with that salt
* The stored hash is compared against the computed hash
== Improvements ==
* Use MD5 hash
  * 48-bit salt
  * password length is unlimited
  * 128-bit hash
  * uses an inner loop with 1000 iterations
* OpenBSD uses a Blowfish-based hash called Bcrypt
  * most secure Unix hash/salt scheme
  * uses a 128-bit salt to make a 192-bit hash value
* Use a shadow password file
  * separate file with hash; different file with ID
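
The store and compare steps above, together with the shadow-file split, as an added example that is not part of the original notes. PBKDF2-HMAC-SHA256 from Python's standard library stands in for MD5-crypt or bcrypt, and the record layout, the `pbkdf2-demo` tag and the function names are assumptions made for the illustration.

```python
import base64, hashlib, hmac, os

ITERATIONS = 1000  # inner-loop count from the notes; far too low for PBKDF2 in real use
SALT_BYTES = 16    # 128-bit salt, the size the notes give for bcrypt

def b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()

def hash_password(password: str, salt: bytes, iterations: int) -> bytes:
    # Stand-in hash (assumption): PBKDF2-HMAC-SHA256, not MD5-crypt or bcrypt.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

def store(passwd: dict, shadow: dict, user: str, uid: int, password: str) -> None:
    """Store step: fresh salt per user, hash, then write the record."""
    salt = os.urandom(SALT_BYTES)
    digest = hash_password(password, salt, ITERATIONS)
    passwd[user] = f"{user}:x:{uid}"  # world-readable file: ID only, no hash
    # Restricted file: constructed "$scheme$iterations$salt$hash" layout.
    shadow[user] = f"$pbkdf2-demo${ITERATIONS}${b64(salt)}${b64(digest)}"

def verify(shadow: dict, user: str, password: str) -> bool:
    """Verify step: fetch the salt, re-hash the given password, compare."""
    record = shadow.get(user)
    if record is None:
        # Do the same work for unknown users so timing does not reveal them.
        hash_password(password, b"\0" * SALT_BYTES, ITERATIONS)
        return False
    _, _scheme, iters, salt_b64, hash_b64 = record.split("$")
    computed = hash_password(password, base64.b64decode(salt_b64), int(iters))
    return hmac.compare_digest(computed, base64.b64decode(hash_b64))

if __name__ == "__main__":
    passwd, shadow = {}, {}  # in-memory stand-ins for the two files
    store(passwd, shadow, "alice", 1000, "correct horse")  # constructed sample users
    store(passwd, shadow, "bob", 1001, "correct horse")
    print(passwd["alice"], shadow["alice"], sep="\n")
    print(verify(shadow, "alice", "correct horse"), verify(shadow, "alice", "wrong"))
    print(shadow["alice"] == shadow["bob"])  # same password, different salts
```

Because each user gets a fresh salt, the two identical passwords produce different shadow records, and the comparison uses `hmac.compare_digest` so it runs in constant time.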