26 Oct
2021
26 Oct
'21
5:07 p.m.
On Oct 26, 2021, at 3:28 PM, Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> wrote:
Thank you for the comprehensive explanation, but I still believe that MD4 hash is more GDPR conformant than Cleartext-Password ;)
Only because it's *slightly* better than clear-text passwords, and because the political / legal rules have little relation to the reality of computer security.
But can anything besides NTPassword or Cleartext-Password work for MSCHAP authentication?
No. We're stuck with decisions made in the late 1980s. Alan DeKok.