[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Passwords inside System Configuration

From: Vagrant Cascadian
Subject: Re: Passwords inside System Configuration
Date: Tue, 21 Jan 2020 13:24:24 -0800

On 2020-01-21, Raghav Gururajan wrote:
>> Note: The hash of this initial password will be available in a file
>> in
>> /gnu/store, readable by all the users, so this method must be used
>> with
>> care.
> I see. But why would it be a concern? It is not feasible to brute-force 
> SHA-512 hash right?

I'm no expert, but evaluating the future based on today has it's
weaknesses; brute-force isn't usually what makes it possible to
compromise an algorithm...

According to wikipedia, SHA-512 is in the SHA2 family:

Which outlines papers, some going back over a decade, on various ways
SHA2 could be weakened...

live well,

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]