Re: MD5 password hash

[Siju George <sgeorge.ml@xxxxxxxxx>]

On Sun, Feb 21, 2010 at 6:31 AM, Matthew Dillon
<dillon@apollo.backplane.com> wrote:
>
>
>    Well... if someone wants to add another encryption method that's fine
>    w/me.  Nobody should be using plaintext passwords for remote access
>    anyway since most attacks don't even bother trying to decrypt any more,
>    they just run against a dictionary.
>
>

the password-hashing method used in OpenBSD uses an algorithm derived
from Blowfish that makes use of the slow key schedule; the idea is
that the extra computational effort required gives protection against
dictionary attacks.

http://en.wikipedia.org/wiki/Blowfish_%28cipher%29

thanks :-)

--Siju