14 May
2015
14 May
'15
2:07 p.m.
--On Thursday, May 14, 2015 10:02 PM +0000 jeevan kc jeev_biz@hotmail.com wrote:
Hello all, We've just noticed that when a user authenticates via LDAP, it ignores characters after the right password. For example a user jkc900 has Password Welcome1
What password hashing mechanism are you using?
"Welcome1" is exactly 8 characters. Older, insecure hashes only treat the first 8 characters as significant.
--Quanah
--
Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration