Re: Circle & SQL??

From: Mark A. Heilpern (heilpern@MINDSPRING.COM)
Date: 05/11/98


At 02:57 PM 5/10/98 -0600, you wrote:
>I did some testing, and the 10 length seems to be the pre-encrypted
>length, not what is saved in the datafiles.
>
>If you type in 'superkalafrajalisticexpealadocious' as your PW, it'll
>chopped to the first ten characters, which is only 'superkalaf'. This
>means that you can type in 'superkalafXXXXX' and the password
>verification will still work.
>
>Why 10? Who knows? The technical reason was explained quite well by
>Daniel. Perhaps 10 was just a carry-over from DIKU.


The standard *nix crypt() function only operates on the first 8 characters of
your password; anything beyond that is noise and not looked at. (Tho, I have
heard of at least one crypt() library function that was significant to 16
characters.) Also, if I'm not mistaken, characters that have the high bit
turned
on (not normally typable without ALT-xxx sequences) will have the high bit
stripped before encryption.


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 12/15/00 PST