On Thu, 15 Apr 2021, Stan Johnson wrote:

> > Most of that is probably password hashing. Look in /etc/shadow and
> > you'll probably find long password hashes. If you're not worried about
> > weak hashes, you could switch to DES which is probably what A/UX uses.
> > See 'man login.defs' and 'man 3 crypt'.
> >
> > BTW, if your password hashes are never leaked or your actual passwords
> > are guessable anyway then I don't see much benefit from SHA512.
> >
> > FTR, I'm not advocating guessable passwords and weak hashes. But if
> > you want to try it, I hear that 12345 is very popular:
> >
> > $ perl -e 'print crypt("12345","xx")."\n"'
> > xxwddmriJc5TI
> >
>
> I've always supported security protocols that match the associated risk.
> For systems that are not exposed to the public Internet and that require
> clear-text protocols, anyway, such as telnet and ftp, for reasonable
> access, there is nothing wrong with minimal password hashes (though I
> agree "12345" is still a bad idea!).
>
Yes. And it's not only the hashing of guessable passwords that wastes CPU cycles. If we're trying to mitigate the possible leakage of /etc/shadow through a privilege escalation attack, and if the strong, unguessable passwords in that file were never used elsewhere, SHA512 is still a waste of cycles, because privilege escalation would gain access to everything protected by those passwords anyway.
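To make the "wasted cycles" concrete, here is an added example (not part of the thread, and not glibc's or A/UX's code) that implements the SHA512 scheme ENCRYPT_METHOD=SHA512 selects in login.defs: a pure-Python port of the $6$ algorithm from Ulrich Drepper's "Unix crypt using SHA-256 and SHA-512" specification. The cost the thread is talking about is the `rounds` loop (5000 iterations of SHA-512 by default, adjustable with `rounds=N$` in the salt, which is what SHA_CRYPT_MIN_ROUNDS/SHA_CRYPT_MAX_ROUNDS in login.defs tune); DES crypt has no such loop. The function names `sha512_crypt`, `verify` and `shadow_scheme` are my own, and the shadow line in `shadow_scheme`'s docstring is constructed for illustration.

```python
"""Pure-Python SHA-512 crypt ($6$), per Drepper's sha-crypt specification.

Added example: a port of the algorithm glibc/libxcrypt implement, written
here so the rounds loop (the CPU cost discussed in the thread) is visible.
"""
import hashlib
import hmac

_B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
_DEFAULT_ROUNDS = 5000
_MIN_ROUNDS, _MAX_ROUNDS = 1000, 999_999_999


def _b64_from_24bit(b2, b1, b0, n):
    """crypt's own base64: low 6 bits first, non-standard alphabet."""
    w = (b2 << 16) | (b1 << 8) | b0
    out = []
    for _ in range(n):
        out.append(_B64[w & 0x3F])
        w >>= 6
    return "".join(out)


def _encode(digest):
    """Emit the 64-byte digest in the permuted triple order the spec fixes."""
    out = []
    for k in range(21):
        a, b, c = k, k + 21, k + 42          # triple (k, k+21, k+42) ...
        if k % 3 == 1:
            a, b, c = b, c, a                # ... rotated by k mod 3
        elif k % 3 == 2:
            a, b, c = c, a, b
        out.append(_b64_from_24bit(digest[a], digest[b], digest[c], 4))
    out.append(_b64_from_24bit(0, 0, digest[63], 2))
    return "".join(out)


def sha512_crypt(password, salt, rounds=None):
    """Return the $6$ hash string for password/salt (salt truncated to 16)."""
    key = password.encode()
    salt = salt[:16].encode()
    custom = rounds is not None
    rounds = _DEFAULT_ROUNDS if rounds is None else max(_MIN_ROUNDS, min(_MAX_ROUNDS, rounds))

    b = hashlib.sha512(key + salt + key).digest()           # digest B
    a = hashlib.sha512()                                    # digest A
    a.update(key + salt)
    a.update(b * (len(key) // 64) + b[: len(key) % 64])
    n = len(key)
    while n:                                                # bits of len(key), LSB first
        a.update(b if n & 1 else key)
        n >>= 1
    da = a.digest()

    dp = hashlib.sha512(key * len(key)).digest()            # digest DP
    p = dp * (len(key) // 64) + dp[: len(key) % 64]         # byte sequence P
    ds = hashlib.sha512(salt * (16 + da[0])).digest()       # digest DS
    s = ds * (len(salt) // 64) + ds[: len(salt) % 64]       # byte sequence S

    for i in range(rounds):                                 # the expensive part
        c = hashlib.sha512()
        c.update(p if i & 1 else da)
        if i % 3:
            c.update(s)
        if i % 7:
            c.update(p)
        c.update(da if i & 1 else p)
        da = c.digest()

    prefix = "$6$" + (f"rounds={rounds}$" if custom else "")
    return prefix + salt.decode() + "$" + _encode(da)


def _parse(stored):
    """Split a stored $6$[rounds=N$]salt$hash field into (salt, rounds)."""
    if not stored.startswith("$6$"):
        raise ValueError("not a SHA-512 crypt hash")
    rest, rounds = stored[3:], None
    if rest.startswith("rounds="):
        field, rest = rest.split("$", 1)
        rounds = int(field[len("rounds="):])
    salt, _ = rest.split("$", 1)
    return salt, rounds


def verify(password, stored):
    """Re-hash with the stored salt/rounds and compare in constant time."""
    salt, rounds = _parse(stored)
    return hmac.compare_digest(sha512_crypt(password, salt, rounds), stored)


def shadow_scheme(field):
    """Name the scheme of one /etc/shadow password field (constructed input,
    e.g. the second field of 'alice:$6$ab12$...:18500:0:99999:7:::')."""
    if field == "" or field[0] in "*!":
        return "locked/no-password"
    for prefix, name in (("$6$", "sha512"), ("$5$", "sha256"), ("$y$", "yescrypt"),
                         ("$1$", "md5"), ("$2b$", "bcrypt")):
        if field.startswith(prefix):
            return name
    return "des" if len(field) == 13 else "unknown"
```

`shadow_scheme` is the quick audit a practitioner wants after changing ENCRYPT_METHOD: existing hashes keep their old scheme until the password is next changed, so a system switched to DES (or back) has a mix until every account has been re-hashed. Changing `rounds` moves the cost in either direction without changing the format, which is the cheaper way to trade cycles for hash strength than dropping to DES.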