[rt-devel] password check

Darrin Walton darrinw at nixc.net
Wed Feb 27 16:40:02 EST 2002

  |+ Assuming RT uses des-crypt for its passwords, then its not a problem.  DES-
  |+ Crypt only deals with the first eight bytes of a given password string, the 
  |+ rest is thrown away.  By the way, I think its lame that RT uses des-crypt 
  |+ passwords, it should use md5 or sha1. ;) 

Supply a patch for RT that does md5 and/or sha1, and gives the user an
option within the config.pm to pick which crypt method to use.

Also, supply a program that would convert existing des-crypt to an
md5/sha1 password in the database :)


More information about the Rt-devel mailing list