Hi Roy,

On Tue 29/6/2021, at 7:18 pm, roy...@gmail.com wrote:
> 
>> - Make failure delay more consistent to avoid revealing valid usernames, set 
>> server password
>>  limit of 100 characters. Problem reported by usd responsible disclosure team
> 
> What is the technical reason for limiting server password length to
> such a low value? It is even shorter than Windows PATH_MAX, which I
> think doesn't make any sense.
> 
>> - Change handling of failed authentication to avoid disclosing valid 
>> usernames,
>>  CVE-2018-15599.

The problem with longer passwords is that the time taken to calculate a 
password crypt is dependent on the length of the password. Passwords longer 
than a certain length will take longer to crypt than the failure delay time - 
100 characters was less than what I tried empirically.

That itself wouldn't be a problem if we could just crypt all incoming password 
attempts before checking a username's existence - the problem is that the 
password crypt algorithm can vary per user, so the time will vary too. We have 
to guess which algorithm to use for unknown users. So rather than adding some 
complicated logic I just limited the password length.

Cheers,
Matt
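As an added illustration of the mitigation Matt describes, not code from this thread or from the server being discussed: a minimal password check that rejects over-length passwords before any per-user work, runs a dummy crypt with fixed parameters when the username is unknown, and pads every failure to the same delay. The user records, the PBKDF2 stand-in for the per-user crypt algorithm, the 100-character cap and the delay value are all constructed for the example.

```python
import hashlib
import hmac
import os
import time

MAX_PASSWORD_LEN = 100   # cap from the patch discussed in the thread
FAILURE_DELAY = 0.3      # seconds; no failed attempt returns sooner than this

# Constructed user table. Each record carries its own hashing parameters, which
# is why the cost of verifying a password differs per user (the problem raised
# above). PBKDF2 stands in for the server's crypt; its per-iteration cost does
# not grow with password length the way sha512-crypt does, so the length cap
# here is enforced as policy rather than measured.
def make_user(password, iterations):
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": digest}

USERS = {
    "alice": make_user("correct horse", 50_000),
    "bob": make_user("battery staple", 200_000),
}
# Fixed parameters used for the dummy crypt when the username is unknown, so
# that an unknown user costs about as much as a real one.
DUMMY = make_user("", 100_000)

def authenticate(username, password, users=USERS):
    """Return True only for a known user with the correct password.

    Every rejection (unknown user, wrong password, over-long password) is
    delayed so that it finishes no earlier than FAILURE_DELAY after the call
    began. That only hides the crypt cost if the crypt itself finishes inside
    the delay, which is what the password length cap guarantees."""
    start = time.monotonic()
    ok = False
    if len(password) <= MAX_PASSWORD_LEN:
        known = username in users
        record = users[username] if known else DUMMY
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                     record["salt"], record["iterations"])
        match = hmac.compare_digest(digest, record["hash"])
        ok = known and match
    if not ok:
        remaining = FAILURE_DELAY - (time.monotonic() - start)
        if remaining > 0:
            time.sleep(remaining)
    return ok

def timed_authenticate(username, password):
    """Return (result, elapsed_seconds) so the delay floor can be checked."""
    start = time.monotonic()
    ok = authenticate(username, password)
    return ok, time.monotonic() - start
```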
