15 Jul
2016
15 Jul
'16
2:02 p.m.
On Jul 15, 2016, at 1:20 PM, freeradius-users@latter.org wrote:
On 15/07/16 16:52, Arran Cudbard-Bell wro In terms of security? It ticks the box marked "did the best we could". And it does protect those who use long passwords. And we might yet enforce stricter password strengths - the original rules were designed to deal with (slow) *on-line* attacks.
In 2016, NT hashed passwords are not really any more secure than clear-text passwords. And, NT hashed passwords prevent some authentication methods from working. Alan DeKok.