Contributed by SamT
The FreeBSD-style MD5-based hashes that are so popular nowadays (they're used on FreeBSD, on many (most?) Linux systems, and on Cisco IOS for "enable" passwords) are significantly better, but they aren't quite state of the art. The OpenBSD-style Blowfish-based (bcrypt) hashes are a whole lot better, adding variable iteration counts (such that a system administrator can proceed to adjust the processing cost for hashes that would be used for newly set or changed passwords as CPUs become faster).
Those multiple iterations of an underlying cryptographic primitive (such as modified DES, MD5, or Blowfish) are used to implement so-called "password stretching". bcrypt hashes can reasonably be configured to be, say, 15,000 times slower than traditional crypt(3) hashing on a given CPU. This is equivalent to passwords (or passphrases) containing 14 bits of additional entropy compared to what one has to actually remember and type in at a login prompt. That's roughly two words less to type in a passphrase.
Not only a good read for fanboys, but a good read for those admins with other OSs, with discussions that may help you better secure your network.
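The following is an added example, not code from the original post or from any of the systems it mentions: a sketch of the variable-cost idea described above, in which each hash records the iteration count it was made with, so the cost can be raised for newly set passwords while older hashes still verify. PBKDF2-HMAC-SHA256 from Python's standard library stands in for bcrypt here, and the `$ex$` format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import os

# Constructed format for this example: "$ex$<iterations>$<salt hex>$<digest hex>".
# PBKDF2-HMAC-SHA256 stands in for bcrypt's Blowfish-based loop.

def hash_password(password: str, iterations: int) -> str:
    """Hash with the cost currently configured by the administrator."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"$ex${iterations}${salt.hex()}${dk.hex()}"

def _parse(stored: str):
    """Split a stored hash into (iterations, salt, digest) or raise ValueError."""
    _, tag, iters, salt_hex, dk_hex = stored.split("$")
    if tag != "ex" or int(iters) < 1:
        raise ValueError("unknown or malformed hash")
    return int(iters), bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)

def verify_password(password: str, stored: str) -> bool:
    """Verify using the cost recorded in the hash, not the current setting."""
    try:
        iterations, salt, expected = _parse(stored)
    except ValueError:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(dk, expected)  # constant-time comparison

def needs_rehash(stored: str, current_iterations: int) -> bool:
    """True when a hash was made at a lower cost than the current setting."""
    return _parse(stored)[0] < current_iterations

def stretch_bits(slowdown: float) -> float:
    """Extra guessing work, in bits, when each guess costs `slowdown` times more."""
    return math.log2(slowdown)

if __name__ == "__main__":
    old = hash_password("correct horse", 1_000)     # set under an older, lower cost
    print(verify_password("correct horse", old))    # old hash still verifies
    print(needs_rehash(old, 100_000))               # flagged for upgrade at next login
    print(round(stretch_bits(15_000), 1))           # the 15,000x figure from the text
```

A login handler would call `needs_rehash` after a successful `verify_password` and store a fresh hash at the current cost, which is how a raised setting reaches existing accounts.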