31 Dec
2006
31 Dec
'06
9:32 a.m.
Interesting concept. So if I generate a SSHA hash and do not specify a salt, does slappasswd pick one? Any idea how long it is?
Thanks,
\Greg
Andrew Kay wrote:
Greg,
I imagine it uses a password salting technique (see http://en.wikipedia.org/wiki/Password_salting) in order to better protect the hashed password from a precompiled dictionary attack. If password salting is used the salt is comonly stored as the prefix of the value you see.
Andrew