NTLM hashed passwords.

Alan DeKok aland at deployingradius.com
Fri Jul 15 20:02:42 CEST 2016


On Jul 15, 2016, at 1:20 PM, freeradius-users at latter.org wrote:
> 
> On 15/07/16 16:52, Arran Cudbard-Bell wro
> In terms of security?  It ticks the box marked "did the best we could".
> And it does protect those who use long passwords.  And we might yet
> enforce stricter password strengths - the original rules were designed
> to deal with (slow) *on-line* attacks.

  In 2016, NT hashed passwords are not really any more secure than clear-text passwords.  And, NT hashed passwords prevent some authentication methods from working.

  Alan DeKok.




More information about the Freeradius-Users mailing list