Password security
Guy Harris
guy at auspex.UUCP
Sat Nov 26 16:36:31 AEST 1988
>>- Certain characters are untypable in passwords: nul, newline, backspace,
>> and line-kill characters, and possibly ^S, ^Q, and ^M.
>
>This is incorrect. Virtually any character can be used in passwords
>as well as lognames. The mechanism which controls this is the stty
>options in the initial and secondary flags located in the /etc/gettydefs
>entry currently in effect on the port being accessed.
Yeah, but most people tend to consider it rude to leave the tty in "raw"
mode once "login" is fired up, so it's generally in cooked mode when the
password is being read in, and thus unless you have a character like the
"literal-next" character, certain characters *are*, in fact, untypable
in passwords, including all the ones listed above. Yes, Virginia, there
are UNIX systems that don't have "literal-next".
Of course, NUL is typable, even in cooked mode on systems without
"literal-next"; however, since the password is, in general, a C-language
string, NUL is obviously not a valid character in a password....
More information about the Comp.unix.wizards
mailing list