Hello,
- How can I make authentication protocol X work with passwords stored as Y? - You can't.
it's magic, thank you.
No, it's mathematics. MSCHAP hashing destroys the cleartext password, and you can never get it back. SHA2 hashing destroys the cleartext password in a different way, you can never get it back, and it is totally unrelated to what MSCHAP produces. So, - comparisons between cleartext and MSCHAP works: apply MSCHAP to cleartext and compare results - comparisons between cleartext and SHA2 works: apply SHA2 to cleartext and compare results - comparisons between MSCHAP and SHA2 does not work: two different variants of gibberish are uncomparable Stefan -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 2, avenue de l'Université L-4365 Esch-sur-Alzette Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66