Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

buffsldr

macrumors 6502a
Original poster
May 7, 2001
621
0
Please try the following experiment? Create a new user under os 10.x

Assign the following password 123456789

Log out and attemp to login as the user you just created by entering the password as 12345678


Interesting?

Now... try to access the users keychain by entering only 12345678.

Hmmmmm.
I have not thouroughly tested this, but it appears that the os requires the entire password at times, and does not at other times.
 

Over Achiever

macrumors 68000
This isn't what you mentioned, but I noticed that if you type in your password, and add a character or two, that it still accepts it. I'll get back to ya'll on what securtiy system it is...

Stupid me...its is a common occurance huh?
 

King Cobra

macrumors 603
Mar 2, 2002
5,403
0
For some reason OS X always uses 8 characters/dots, probably for security issues, but I am not sure. I don't think it's an error.
 

rainman::|:|

macrumors 603
Feb 2, 2002
5,438
2
iowa
Originally posted by King Cobra
For some reason OS X always uses 8 characters/dots, probably for security issues, but I am not sure. I don't think it's an error.

i've not tried it, but it seems to me the inference is to the password itself, not the number of characters... he's saying that if you make the password 123456789, you can log in without typing the last digit... as for them using a set number of dots, a lot of apps have been doing it for years now... makes it much more difficult to guess the password...

:)
pnw
 

szark

macrumors 68030
May 14, 2002
2,886
0
Arid-Zone-A
It's a UNIX thing...

Most UNIX distributions that I have seen only support a 6-8 character password, and will let you type any extra characters at the end.

So, basically, it's standard UNIX behavior.
 

buffsldr

macrumors 6502a
Original poster
May 7, 2001
621
0
please note, that there are times you are required to type in the ninth character (eg unlocking your keychain).

it is this inconsistency that i find remarkable
 

balliet

macrumors member
Dec 21, 2001
68
0
Re: It's a UNIX thing...

Most UNIX distributions that I have seen only support a 6-8 character password.
Any UNIX that is still using a DES crypt(). I haven't use many commercial unices lately (well, except OS X), but I'd be willing to bet most have moved to an MD5 crypt. (which allows for passwords > 8 chars). Modern linux and BSD distributions have. I have no idea why OS X isn't using MD5.

please note, that there are times you are required to type in the ninth character (eg unlocking your keychain).
Your keychain password separate from your login password. You can change it with the "Keychain Access" utility. Probbaly when you setup the account both your login and keychain are initialized to the same password or something.
 

peterjhill

macrumors 65816
Apr 25, 2002
1,095
0
Seattle, WA
The method they are using to store the password for login chomps off any characters after the 8th. On the other Hand (OTOH) the keychain does not share this limit (the code was around for longer than OS X, so it probably stores the password with MD5 encryption).

Good news is that they have added PAM support to OSX, this could allow for the use of longer passwords. Basically an app will ask pam to authenticate a user, and pam would have extensible methods for authenicating the user, such as kerberos, md5, certificates.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.