| Subject | Re: [ib-support] fb 8-letter password bug |
|---|---|
| Author | Helen Borrie |
| Post date | 2002-01-04T07:32:39Z |
At 01:05 PM 04-01-02 +0800, you wrote:
Because 8 characters is easy to crack, you're advised not to use easily guessable words as passwords. Better to create completely random combinations of letters and digits.
Helen
All for Open and Open for All
Firebird Open SQL Database ยท http://firebirdsql.org
_______________________________________________________
>There's a bug where passwords are validated to the first 8-letters only, right? e.g. password is 'masterkey' but authentication accepts 'masterke'.It's not a bug. InterBase and Firebird only evaluate the first 8 characters of any password, so if you have one user with the password "masterkey" and another with "masterkeeper", they are evaluated and encrypted as identical.
>
>Is this going to be corrected soon or is this a low priority?
Because 8 characters is easy to crack, you're advised not to use easily guessable words as passwords. Better to create completely random combinations of letters and digits.
Helen
All for Open and Open for All
Firebird Open SQL Database ยท http://firebirdsql.org
_______________________________________________________