Interesting concept. So if I generate a SSHA hash and do not specify a
salt, does slappasswd pick one? Any idea how long it is?
Andrew Kay wrote:
I imagine it uses a password salting technique (see
) in order to better
protect the hashed password from a precompiled dictionary attack. If
password salting is used the salt is comonly stored as the prefix of
the value you see.