--- In firebird-support@yahoogroups.com, "gymkus" <schneider@...> wrote:

>
> Hello,
>
> I try to understand the technic how user passwords are transfered from a client login to a firebird 1.5 database server.
>
> When I listen my network traffic (e.g. with wireshark) I see that after the username a password hash follows. This password hash consists of 11 charakters.
> A standard DES-Hash consists of 13 charakters.
> These 13 charakters are a combination of 2 charakters from the "salt" and 11 charakters from the enncrypted password.
>
> So maybe on firbird 1.5 the "salt" is missing ???
> Does Firebird 1.5 use a standard encryption algorithm?
>
> Is it DES with some modifications? Where can I find the "salt"?
>
> Thanx for your help.
> Marco
>

I'm trying to do a similar thing with firebird 2.0 and have again used wireshark to snoop for the password. I am very interested in how the password can be decrypted.