[freeside] Password Length
rdailey at colusanet.com
rdailey at colusanet.com
Wed Apr 18 09:15:25 PDT 2001
What I meant was, on the Customer Add screen, the maximum length of the
password text box is eight. Even if you change that, any more than eight
characters results in an error "illegal password"
Personally, we're only exporting to Radius users file anyway, so there is
no need to limit the number of characters when we add the user.
>On Sat, Apr 14, 2001 at 02:44:55PM -0700, Jason Spence wrote:
> > On Sat, Apr 14, 2001 at 12:20:29PM -0700, rdailey at colusanet.com developed
> > a new theory of relativity and:
> >
> > > Why is the maximum password length only eight characters? I
> > > understand that Unix only uses the first eight characters, anyways,
> > > but what about RADIUS?
> >
> > RADIUS has a limit of 128 characters. See section 5.2 of RFC 2138.
> >
> > The 8 character bottleneck comes from BSD systems, I think. I know
> > that in the past, they only treated the first 8 characters as
> > significant, but I'm not sure whether that is still true now that
> > they're using MD5.
>
>Historically, not just BSD systems, but all unices, whether BSD-flavoured,
>SysV-flavoured (Solaris etc.) or independantly implemented (Linux), have
>used a DES-flavoured crypt(3) with 8 significant characters.
>
>--
>meow
>_ivan
Rick Dailey
ColusaNET
<mailto:%2F%2Frdailey at colusanet.com>rdailey at colusanet.com
More information about the freeside-users
mailing list