Re: [dev] [PATCH] [ubase] Simplify login

From: FRIGN <>
Date: Tue, 3 Jun 2014 21:20:31 +0200

On Tue, 3 Jun 2014 21:16:01 +0200
Markus Wichmann <> wrote:

> Well, it won't save you, but delay it significantly! Testing a password
> with login takes 5 seconds, testing a password with the hash at hand
> takes less than a microsecond.

Well, it depends on the hash and how strong the password is ;).

> But I concur this issue is pretty unimportant. Most security breaches
> these days occur due to faulty software allowing arbitrary code
> execution from network input. Or some fault/feature in the operating
> system allowing circumvention of the login prompt. (If you give me
> physical access to a Linux box, I'll get access to it.) So knowing a
> password isn't necessary any more.

Exactly. This is a rather trivial issue and for instance not relevant
for ssh, telnet and other means of non-local access.



Received on Tue Jun 03 2014 - 21:20:31 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 03 2014 - 21:24:10 CEST