Re: password length

From: Michael W. Cocke (cocke_at_catherders.com)
Date: 06/27/04 

Date: Sun, 27 Jun 2004 08:11:51 -0400

On Sun, 27 Jun 2004 12:24:00 +0200, Hans Schilling
<news@compuserve.de> wrote:

>Hello !
>
>> I've setup a password length of 12 character.
>> And I made a login password of 10 characters.
>> But if I type the first 8, it is enough to login.
>
>I've just read a group message here which solve my question.
>With MD5 the longer password works fine.
>But what is the different between DES and MD5 ?
>
>Thanks.
>
>Hans.

The short answer (for non-cryptographers) is "Different encryption
methods".

More detail follows for those who care -

DES is the US Data Encryption Standard, which was broken a few years
ago but takes much horsepower to reverse.

Message Digest ver 5 (MD5) takes as input a message of arbitrary
length and produces as output a 128-bit "fingerprint" or "message
digest" of the input.

The MD5 algorithm is actually intended for digital signature
applications, not really crypto at all, but it works acceptably
because it's computationally infeasible to produce two messages having
the same message digest. In principal, similar to a CRC32.

Mike- 

--
If you're not confused, you're not trying hard enough.
--
Please note - Due to the intense volume of spam, we have installed 
site-wide spam filters at catherders.com.  If email from you bounces,
try non-HTML, non-encoded, non-attachments,
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---