Password weirdness in Mandrake 8.1

Robert Meyer meyer_rm at yahoo.com
Wed Jan 16 09:32:49 EST 2002


--- JJ Neff <jjneff at yahoo.com> wrote:
> I changed my password in RXVT su'd root.  All was well I logged in and out
> multiple times.
> 
> Assume my password is <password>1  
> When my screen goes to screen saver (blank screen) which is password
> protected.
>  I can type <password>1 and get to my desktop
> BUT I can also type <password>  (1 omitted on purpose) and still get in...
> 
> Any ideas why the 1 seems to be optional?

Yep, sure can.  You see, an encrypted stream of characters can only hold so
many original password characters.  In this case, the limit is eight.  Anything
else is silently ignored.  Try typing any random string of characters after the
first eight or ten characters of the actual password.  Should still work.

There used to be a similar limit on the length of the username.  Had a guy with
the last name 'mambretti' want to use his name as his username.  It would never
let him log in 'cuz the login program chopped the input at 8 but the string
compare was the full string.  Dropped the 'i' and everthing was fine.

Hope this helps...

Cheers!

Bob


=====
Bob Meyer
Knightwing Communications, Inc.
36 Cayuga Blvd
Depew, NY 14043
Phone: 716-308-8931 or 716-681-0076
Meyer_RM at Yahoo.com

__________________________________________________
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/


More information about the nflug mailing list