On Sun, Feb 21, 2010 at 6:31 AM, Matthew Dillon <[email protected]> wrote: > > > Well... if someone wants to add another encryption method that's fine > w/me. Nobody should be using plaintext passwords for remote access > anyway since most attacks don't even bother trying to decrypt any more, > they just run against a dictionary. > >
the password-hashing method used in OpenBSD uses an algorithm derived from Blowfish that makes use of the slow key schedule; the idea is that the extra computational effort required gives protection against dictionary attacks. http://en.wikipedia.org/wiki/Blowfish_%28cipher%29 thanks :-) --Siju
