On Fri, 1 Aug 1997, E.L. Meijer (Eric) wrote: > Bjoern wrote: > > > > for example my password on my system is: test1 > > the user names are: delete and (of course) root > > > > Why is it possible to login as 'delete' and as 'root' > > when i type instead of 'test1' as password, 'test1dfetdf' (for > > example). > > > > Or more exactly: Why is it possible to type the right password an then > > add as much letters and numbers i want to it? > > > > I am using a debian 1.2.6. Login made on all tyy's. 'su -' act's the > > same. > > Previous replies stated that only the first 8 characters are > significant. However Bjoern's test password `test1' is only 5 > characters long. I think his question still stands.
Presumably Bjoern knows it would be unwise to type the real password in public. So test1 might be a substitution made at the time of posting, without regard for conservation of password length. This system is still running Debian 1.2, and I can't duplicate the symptoms reported. But I don't have a user named delete. Root is (of course, but not necessarily) called root. > Furthermore I always wondered why there is a limitation of 8 characters. > Wouldn't it be a lot harder to crack passwords if only they were > allowed to be a little longer? Agreed. -- David Wright, Open University, Earth Science Department, Milton Keynes MK7 6AA U.K. email: [EMAIL PROTECTED] tel: +44 1908 653 739 fax: +44 1908 655 151 -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
