Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security SecProg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Password Management

from [Badhrinath S] Network Security [Permanent Link]
Subject: Password Management
Date: Fri, 18 Nov 2005 11:31:22 +0530 
Hi all,

An application has been using PAM of unix till now for password authentication.
This is a client server model where server uses a database for its operations.
Now it has to manage the passwords by itself with following constraints.

--> Check if password is not the same as previous 5 passwords set
--> Check if the password differs from old password by alteast 3 characters.

So, can you please give me suggestions to manage this effectively ?
--> Do I encrypt and save the previous 5 and the current passwords in
database or how can the passwords be stored better?
--> Can symmetric keys be used or will assymetric key usage be better ?
--> How to decide upon the key values ?

Guess, Hashing will not be useful since we need to check for atleast 3
character change in passwords. Plz comment.

--
Thanks
Badhri
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Password Management, Badhrinath S <=
Indexes:  [Date] [Thread] [Top] [All Lists]