| Subject | Re: [firebird-support] Database Security |
|---|---|
| Author | Brad Pepers |
| Post date | 2004-01-06T20:31:56Z |
On January 6, 2004 03:04 am, Jiri Hoffmayer wrote:
characters so it can't easily be fixed without recoding how passwords work.
Note though that crypt() is now considered to be pretty weak and can be
broken by brute force attacks so replacing it would be a good idea.
--
Brad Pepers
brad@...
> I actually wonder why the login password is stil only 8 chars. Why notFirebird uses the crypt() function for the password and crypt only uses 8
> extend the significant chars of a password to let's say 64? This would
> prevent DB access when someone gets the 'security.fdb' file (or the
> appropriate IB file). AFAIK the 8 pwd chars may be cracked through a brute
> force approach, which is quite easy to do :-(((
characters so it can't easily be fixed without recoding how passwords work.
Note though that crypt() is now considered to be pretty weak and can be
broken by brute force attacks so replacing it would be a good idea.
--
Brad Pepers
brad@...