Maximum password length?

Discussion in 'General Mac Discussion' started by buffsldr, Sep 5, 2002.

  1. buffsldr macrumors 6502a


    May 7, 2001
    Please try the following experiment? Create a new user under os 10.x

    Assign the following password 123456789

    Log out and attemp to login as the user you just created by entering the password as 12345678


    Now... try to access the users keychain by entering only 12345678.

    I have not thouroughly tested this, but it appears that the os requires the entire password at times, and does not at other times.
  2. Over Achiever macrumors 68000

    Over Achiever

    Jul 22, 2002
    Toledo, OH, formerly Twin Cities, MN
    This isn't what you mentioned, but I noticed that if you type in your password, and add a character or two, that it still accepts it. I'll get back to ya'll on what securtiy system it is...

    Stupid me...its is a common occurance huh?
  3. King Cobra macrumors 603

    Mar 2, 2002
    For some reason OS X always uses 8 characters/dots, probably for security issues, but I am not sure. I don't think it's an error.
  4. rainman::|:| macrumors 603


    Feb 2, 2002
    i've not tried it, but it seems to me the inference is to the password itself, not the number of characters... he's saying that if you make the password 123456789, you can log in without typing the last digit... as for them using a set number of dots, a lot of apps have been doing it for years now... makes it much more difficult to guess the password...

  5. szark macrumors 68030


    May 14, 2002
    It's a UNIX thing...

    Most UNIX distributions that I have seen only support a 6-8 character password, and will let you type any extra characters at the end.

    So, basically, it's standard UNIX behavior.
  6. buffsldr thread starter macrumors 6502a


    May 7, 2001
    please note, that there are times you are required to type in the ninth character (eg unlocking your keychain).

    it is this inconsistency that i find remarkable
  7. balliet macrumors member

    Dec 21, 2001
    Re: It's a UNIX thing...

    Any UNIX that is still using a DES crypt(). I haven't use many commercial unices lately (well, except OS X), but I'd be willing to bet most have moved to an MD5 crypt. (which allows for passwords > 8 chars). Modern linux and BSD distributions have. I have no idea why OS X isn't using MD5.
    Your keychain password separate from your login password. You can change it with the "Keychain Access" utility. Probbaly when you setup the account both your login and keychain are initialized to the same password or something.
  8. buffsldr thread starter macrumors 6502a


    May 7, 2001
  9. peterjhill macrumors 65816


    Apr 25, 2002
    Seattle, WA
    The method they are using to store the password for login chomps off any characters after the 8th. On the other Hand (OTOH) the keychain does not share this limit (the code was around for longer than OS X, so it probably stores the password with MD5 encryption).

    Good news is that they have added PAM support to OSX, this could allow for the use of longer passwords. Basically an app will ask pam to authenticate a user, and pam would have extensible methods for authenicating the user, such as kerberos, md5, certificates.

Share This Page