Cisco Type 4 passwords have no salt

Slashdot

+ - Cisco Type 4 passwords have no salt-> 0

Submitted by TheLink on Wednesday March 20, 2013 @12:08AM

TheLink writes "Cisco's Type 4 password algorithm does not use PBKDF2 and does not use a salt, but instead performs a single iteration of SHA-256 over the user-provided plaintext password. This approach causes a Type 4 password to be less resilient to brute-force attacks than a Type 5 password of equivalent complexity."
Link to Original Source

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Cisco Type 4 passwords have no salt

Load All Comments

Search 0 Comments Log In/Create an Account

Comments Filter:

All
Insightful
Informative
Interesting
Funny

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

One good reason why computers can do more work than people is that they never have to stop and answer the phone.

Cisco Type 4 passwords have no salt More Login

Cisco Type 4 passwords have no salt