Niels wrote:
>[EMAIL PROTECTED] (raf) writes:
>> Niels wrote:
>>
>> >Is there any standard or canonical documentation on how shadow
>> >passwords should work?
>>
>> any password field that is not exactly 13 characters long is a shadow password.
>Do you have a reference for that?
Stevens: Advanced Programming in the Unix Environment.
unix passwords encrypt to exactly 13 characters. therefore, anything that
isn't 13 characters is not an encrypted password. it must a shadow password.
>Is it true also for, say, md5 passwords?
i doubt it. it only refers to classic unix password encryption.
>Is it a better criteria than "any password of exactly one
>character is a shadow password"?
theoretically, yes. pragmatically, no.
i doubt that any system would use anything other
than a single character for shadow passwords.
but it is possible.
raf
