On Mon, Mar 19, 2001 at 09:40:10AM +0100, Magni Onsoien wrote:
> to a certain service. An example is the "-" first in passwords (avoid it
> by prepending an extra - first when typing the ftp-password..), another
> is ":" in passwords at HP-UX 10.10 (I think it thinks the password ends just
> before the : and thus just use the first part of the password for login
> etc). I also think I have encontered problems with Windows NT, but I can't
> exactly remember the situation.
The /etc/passwd file uses : to separate the data fields. Although it
should be one way hashed and not come out the other end as a : this
could be confusing...
> (I usually recommend users not to use any special chars but period and
> comma, but that might be an overkill even though it's a very convenient
> and uncomplicated rule of thumb. Since I want automatic generation of
> passwords in this case, I won't have to bother the users with lists of
> legal and illegal chars anyway.)
I think that's the standard rule - a password should be basically like
an email address, upper case and lower case letters, and numbers.
Probably the best way to pick up this kind of stuff is to use a version
of passwd that will actually check the entered password for illegal
chars ('Sorry, passwords can only contain upper case and lower case
letters, and numbers. Passwords may only be 8 letters long. Please try
again.') Some of them are little password-nazis ('Sorry that's too
short... is a reverse word... should contain at least one digit').
Mary.
--
Mary Gardiner
<[EMAIL PROTECTED]>
GPG Key ID: 77625870
_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk