Slashdot Mirror


AOL's Embarrassing Password Woes

An anonymous reader writes "AOL.com users may think they have up to sixteen characters to use as a password, but they'd be wrong, thanks to this security artifact detailed by The Washington Post's Security Fix blog: "Well, it turns out that when someone signs up for an AOL.com account, the user appears to be allowed to enter up to a 16-character password. AOL's system, however, doesn't read past the first eight characters." This means that a user who uses "password123" or any other obvious eight-character password with random numbers on the end is in effect using just that lame eight-character password."

192 comments

  1. Nothing new by Anonymous Coward · · Score: 4, Interesting

    It's nothing new, the BT Openworld webmail system had this unique bug/feature years ago. Wonder if they've fixed it....

    1. Re:Nothing new by sglider · · Score: 3, Informative

      MySpace has that issue as well, past 10 characters. If you go to their signup screen, you can sign up with a longer password, but if you go to the secondary login screen, it will stop typing either after 10 or 12 characters.

      --
      War isn't about who's right. It's about who's left.
    2. Re:Nothing new by Goldberg's+Pants · · Score: 2, Informative

      Demon Internet in the UK were like that back in 1994 when I signed up. I had some issues and changed the password. I'd come up with this long obtuse password and he said "Oh don't worry, it only reads the first 8 characters anyway."

      So I dumped the convoluted password and went with something with 8 characters.

    3. Re:Nothing new by Anonymous Coward · · Score: 1, Insightful

      I suppose these idiots have never heard of hashing. Then this sort of weakness would have been a non-issue, even if their systems didn't read past the first half of the hash output.

    4. Re:Nothing new by Anonymous Coward · · Score: 0

      At least Sprint.com TELLS you how insecure their passwords are:

      * Must be 6 to 8 letters or numbers (A-Z and 0-9)
      * Cannot include more than 3 repetitive digits (e.g. 111)
      * Cannot be all or part of your social security number or Sprint PCS phone number
      * Should not be something easy to guess, such as your birthdate.

      Nope, no criminal would have to *guess* my birthdate...they'd already friggin know it! And this level of crappiness protects your entire service, billing address, features, voicemail password etc.

      That *really* cheap Treo 700p seems soooo not worth it now :(

    5. Re:Nothing new by 5of0 · · Score: 1

      Yeah, but if they cared enough to implement hashing, they'd probably put in the effort to have it recognize all 16 characters in the first place.

      --
      You all have Oo.o and Firefox, so get World Wind.
  2. Not alone by bsane · · Score: 4, Informative

    Solaris (up to Solaris8 anyway) has exactly the same problem, I wouldn't be surprised if it's widespread on older systems.

    One thing I find interesting though, way back before the internet was well known (1990 or so I think) and people paid for CompuServe or AOL or whatever, I had a CompuServe account and the original password was 'wrote*admiral' and it definitely required all letters to be correct

    1. Re:Not alone by Ant+P. · · Score: 0, Interesting

      It's not just Solaris, here's part of /etc/login.defs on a Gentoo box:

      # Number of significant characters in the password for crypt().
      # Default is 8, don't change unless your crypt() is better.
      # Ignored if MD5_CRYPT_ENAB set to "yes".
      #
      #PASS_MAX_LEN 8

      # If set to "yes", new passwords will be encrypted using the MD5-based
      # algorithm compatible with the one used by recent releases of FreeBSD.
      # It supports passwords of unlimited length and longer salt strings.
      # Set to "no" if you need to copy encrypted passwords to other systems
      # which don't understand the new algorithm. Default is "no".
      #
      MD5_CRYPT_ENAB yes


      Maybe it's just me, but having a hardcoded default of 8 significant characters is really stupid especially when the alternative is just plain better. Is there any distro that _doesn't_ override these by default?

    2. Re:Not alone by Cygfrydd · · Score: 2, Insightful

      #PASS_MAX_LEN 8

      Perhaps it's just me, but isn't that commented... meaning, the entire length of the password is hashed, and thus, significant?
    3. Re:Not alone by HBI · · Score: 1

      You are right.

      --
      HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
    4. Re:Not alone by TheRaven64 · · Score: 4, Informative

      I don't know about Gentoo specifically, but on most *NIX systems the convention is to put the default values in the example config file, commented out. This shows the user what the defaults are, and shows that they don't need to be explicitly stated.

      --
      I am TheRaven on Soylent News
    5. Re:Not alone by teh+kurisu · · Score: 1

      Forgive me if I'm being a spaz, but isn't that line commented out in your example? It also seems to be commented out on my Gentoo box, which leads me to believe that it's commented out by default as it's a file I've never touched.

      Furthermore I tried su'ing on that machine with only the first eight characters of my root password, and was denied access. So I'm concluding that it's not a problem in Gentoo by default.

    6. Re:Not alone by Albanach · · Score: 2, Informative

      Perhaps it's just me, but isn't that commented...
      It's commented meaning the default applies. It also states the default is 8, so eight characters are significant.
    7. Re:Not alone by PAjamian · · Score: 5, Informative

      It's not just Solaris, here's part of /etc/login.defs on a Gentoo box:

      # Number of significant characters in the password for crypt().
      # Default is 8, don't change unless your crypt() is better.
      # Ignored if MD5_CRYPT_ENAB set to "yes".
      #
      #PASS_MAX_LEN 8

      # If set to "yes", new passwords will be encrypted using the MD5-based
      # algorithm compatible with the one used by recent releases of FreeBSD.
      # It supports passwords of unlimited length and longer salt strings.
      # Set to "no" if you need to copy encrypted passwords to other systems
      # which don't understand the new algorithm. Default is "no".
      #
      MD5_CRYPT_ENAB yes

      Old DES crypt() hashing is only significant to 8 chars on any system. That's why modern systems (including Gentoo) use MD5 hashing by default which has no limit on the length of the password to hash. Notice that MD5_CRYPT_ENAB is set to "yes" above which causes it to ignore the PASS_MAX_LEN setting.
      --
      Windows is a bonfire, Linux is the sun. Linux only looks smaller if you lack perspective.
    8. Re:Not alone by Cygfrydd · · Score: 4, Informative

      # Ignored if MD5_CRYPT_ENAB set to "yes".
      #
      #PASS_MAX_LEN 8
      ...
      MD5_CRYPT_ENAB yes
      ... which seems to indicate that the default behaviour is to ignore the password length cap altogether.

      @yg
    9. Re:Not alone by Driador · · Score: 1

      AIX 5.3 also behaves in this fashion

    10. Re:Not alone by thogard · · Score: 1

      The idea with the 8 char max is that you could copy encrypted /etc/passwd files from one machine to another and still have things work. That broke if you changed the number of characters that "crypt" worked on since it would encrypt "Foo" with "Foo\0\0\0\0\0" and would get different results if you feed it more nulls at the end.

    11. Re:Not alone by spathi-wa · · Score: 2, Informative

      It also says "Ignored if MD5_CRYPT_ENAB set to "yes"." And the last line of the quoted file sets MD5_CRYPT_ENAB to "yes"

    12. Re:Not alone by Anonymous Coward · · Score: 1, Interesting

      Technically it wasn't a "problem" with Solaris. It was pretty much standard in Unix implementations from the beginning that the maximum password length be (at default) 8 characters...various operating systems designed later allowed you to either tune the number of maximum allowable characters, or simply don't have any practical limit (beyond what your computer is capable of handling...and I pity you if you're a 32-bit PC user with an 8GB password to type ;>).

    13. Re:Not alone by ATMD · · Score: 3, Informative

      I'm running an up-to-date Gentoo install, and have never knowingly touched that file. I just tried logging in as root, except typing only the first 8 characters of my password and then garbage. It didn't let me in.

      --
      Nobody else has this sig.
    14. Re:Not alone by Teiresias_UK · · Score: 1

      I had the (mis)fortune of working for Compuserve Tech support in the summer of '97 whilst on holiday from Uni.

      Every other call I had was a clueless newbie who'd forgotten their password, and wanted us to give them a new one. Problem is most of them didn't know their way around a keyboard very well, and certainly didn't know where the non-alphanumeric symbols were.

      This caused no end of conversations with the support staff pointing the user around the keyboard - "No, no, up from the 0, you need to hold down shift as well ...."

      Still pretty secure considering what you get now.

    15. Re:Not alone by softwareengineer99 · · Score: 1

      Solaris 10 has the same issue.

    16. Re:Not alone by WilliamSChips · · Score: 1

      I pity you if you have an 8GB password to type, period.

      --
      Please, for the good of Humanity, vote Obama.
    17. Re:Not alone by Joebert · · Score: 0, Troll

      You're all fired, we're switching back to Microsoft.
      There, problem solved.

      --
      Wanna fight ? Bend over, stick your head up your ass, and fight for air.
    18. Re:Not alone by aquabat · · Score: 1

      Solaris (up to Solaris8 anyway) has exactly the same problem, I wouldn't be surprised if it's widespread on older systems.

      Yup. HPUX (10.20, and maybe 11.00 - can't recall) did the same thing.

      --
      A republic cannot succeed till it contains a certain body of men imbued with the principles of justice and honour.
    19. Re:Not alone by sporkmonger · · Score: 1

      I ran into this problem with EMC Documentum, but later discovered that Documentum was just using the OS's user accounts, and thus shared the password bug/feature.

  3. No way. by Anonymous Coward · · Score: 0, Insightful

    Anyone else having a hard time believing this?

    1. Re:No way. by __aaclcg7560 · · Score: 5, Informative

      Nope. At some companies I worked for, the most common passwords are "password", "hockey" (I have no idea why), and "yousuck" (Windows machines). The opposite extreme is companies with password Nazis who insist that your password be a certain length, follows a certain pattern (capital letters, lowercase letters, numbers and symbols) and minimum length (eight or more characters), must be changed every 90 days, and you can't reuse the last 500 variations of the same password based on your name.

    2. Re:No way. by Bastard+of+Subhumani · · Score: 4, Insightful

      ... thus pretty much ensuring that you write it down.

      --
      Only three things are certain; death, taxes, and apocryphal quotations - Ben Franklin.
    3. Re:No way. by Tim+C · · Score: 1

      Given that I saw exactly this behaviour on a Solaris 8 install at work a few months ago, no, I completely believe it.

      Of course, *then* I was shocked...

    4. Re:No way. by Anonymous Coward · · Score: 0

      What is the problem with writing down a password? If you have 30 passwords to remember, you'll inevitably end up having to write them down just to remember what password is for what system.

    5. Re:No way. by timelorde · · Score: 1

      90 days? What luxury. Ours is every 30 days. Grrr...

    6. Re:No way. by thogard · · Score: 3, Insightful

      It changes authentication from something you know to something you have.

    7. Re:No way. by cp.tar · · Score: 2, Insightful

      Now those are people who do not understand the way people think. Mathematicians, not psychologists.

      And they are the reason social engineering works so well.

      People like having one, maybe two or three passwords.
      So instead of making them change passwords regularly (and do note the analogy of having to change your front door lock every two months!), make them create one relatively secure password and drill them to memorize it, never, ever reveal it to anyone and never ever write it down.

      Changing passwords does not affect their crackability in any way, anyway... it is a random security layer which can close the door to someone who has already cracked the old one, in which case your security sucks anyhow.

      --
      Ignore this signature. By order.
    8. Re:No way. by that+this+is+not+und · · Score: 2, Insightful

      Something you have on a post-it note, stuck to your desk underneath your keyboard.

    9. Re:No way. by General+Wesc · · Score: 4, Insightful

      I used to tell people not to write down their passwords, but after dealing with people losing their passwords all the time, I changed my tune. I think this makes a good point. There are some passwords I won't write down, but if I can carry hundreds of dollars, keys to my house and car, and credit cards with a total credit line of over 10 000 USD in my pocket.

      Preferably, one would just write down a hint, of course. And not on a sticky-note on the monitor.

    10. Re:No way. by fimbulvetr · · Score: 1

      Amazing! I keep mine in the same spot!!!

    11. Re:No way. by Rakishi · · Score: 2, Funny

      Under the keyboard? That's a rarity, mostly they seem to be stuck to the monitor.

    12. Re:No way. by X0563511 · · Score: 1

      This is not so bad. If you keep it in a safe place you would immediately notice it missing... I keep mine (while I'm learning it anyways) in a special place in my wallet, and my wallet is nearly always on my person (or nearby)

      The problem is postit-syndrome.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    13. Re:No way. by myowntrueself · · Score: 2, Insightful

      The opposite extreme is companies with password Nazis who insist that your password be a certain length, follows a certain pattern

      I've seen ones where they specify things like 'must be 10 characters long, contain 2 symbols, 2 numeric characters, 2 uppercase'. They don't seem to realise that they are actually *reducing* the complexity of possible passwords.

      If a cracker knows that a password *will* contain, eg, 2 non-alphanumeric characters plus 2 numerals plus 2 upper case characters and the required length of the password this reduces the search space significantly.

      --
      In the free world the media isn't government run; the government is media run.
    14. Re:No way. by Old+Wolf · · Score: 1

      Anyone else having a hard time believing this?

      No. I just tried this on my work's development Solaris machine, as another poster suggested. Typed in the first 8 characters of my password then a whole lot of random junk .. woot, logged in.

    15. Re:No way. by Mean+Variance · · Score: 1

      This is not so bad. If you keep it in a safe place you would immediately notice it missing... I keep mine (while I'm learning it anyways) in a special place in my wallet, and my wallet is nearly always on my person (or nearby) The problem is postit-syndrome.

      Me too. I put a mini Post-it on the back of my driver's license on the 90-day interval. It takes about 3 days to move the "finger burn in" from my old password to the new one. When the Windows domain gives me my 14 day warning, I always try to do it on a Monday or Tuesday.

    16. Re:No way. by Mr+Jazzizle · · Score: 2, Insightful

      I find that picking out just something around the desk and using its serial number (or some other long sequence of random letters and numbers) as your password, you'll never forget it as long as you know what thing it's on. Not so good, however, is when someone notices that you're looking at the back of your computer speakers every time you log on.

    17. Re:No way. by freakmn · · Score: 1

      The problem with having one good password is that it's essentially putting all your eggs in one basket. If your password is cracked in one place, then it can be used in other places. If my slashdot password is compromised, and I use the same username/password for my banking, I'll be sorry.

      The other problem is with revealing passwords. I know you said never to reveal it to anyone, but everyone must reveal their password at some point. I say this because anywhere that you input your password is revealing it to a computer, which is operated by someone. Do you know how safe a site keeps your password? Take Slashdot for example: Do you know how they store their passwords? I don't, and use a less secure password for here than usual.

      The method I use is to have different levels of passwords that I know. For secure sites, such as banking, or trusted online merchants, I have a high level password. For my e-mail accounts and work purposes, I have a medium level one. For message boards and other "junk" sites (yes, slashdot), I have a low level password. They are all secure passwords, don't get me wrong, but I use different ones for different purposes. I find that it works well. If I am logging into a site that I'm not sure if I can trust, I'll use a junk password, write it down, and if I later decide to trust that site, I change it to one of my main passwords. I took that idea from someone on the internet, perhaps here on slashdot, and it's worked well since then. It sure beats when I was in high school and used my girlfriend's name for everything. If I did that now, I'd just have a blank password.

      --
      warning: This post is likely to contain gobs of dripping sarcasm. Consume at your own risk.
    18. Re:No way. by WuphonsReach · · Score: 1

      I do something similar.

      For systems that I access regularly (at least 2 times per week) that need a secure password, I make up a long one and memorize it. I find that I can memorize and track about 6 of those. These passwords are either login passwords or ones that protect my GPG or SSH2 keys. Basically those 6-12 passwords are the keys to my kingdom and the only ones I memorize.

      For systems that I don't hit regularly, and don't need access to them from random locations or on a minute's notice while away from my desk - they get protected by my GPG key. I create a text file with a GPG encrypted block inside that contains the password. Easy to backup, printable, faxable, post them around town, etc. As long as I have my GPG keys, I can retrieve those passwords.

      Websites? Same deal. I create a random password (different for each site) and have Firefox memorize it (as well as storing it in a GPG protected text file). After all, if I'm locked out of a forum for a day or two until I can get back to my laptop - who cares? I'd be hard-pressed to tell you what my slashdot password is, I'd have to go decrypt that GPG block first.

      It also helps to have a good little password generator. Something with around 300k+ words where you can tell it how jumbled up to make things along with length, random symbols, random capitalization and insertion of numbers or letters in the middle. Whatever you use needs to be quickly accessible for times when you need a random password.

      --
      Wolde you bothe eate your cake, and have your cake?
    19. Re:No way. by Bastard+of+Subhumani · · Score: 1

      I keep mine in my luggage.

      --
      Only three things are certain; death, taxes, and apocryphal quotations - Ben Franklin.
  4. Same as in Linux by Anonymous Coward · · Score: 0, Interesting

    "the user appears to be allowed to enter up to a 16-character password. AOL's system, however, doesn't read past the first eight characters."

    So that's the same as in most (all?) Linux distributions by default.

    1. Re:Same as in Linux by Anonymous Coward · · Score: 2, Insightful

      > So that's the same as in most (all?) Linux distributions by default.

      Was that a question or a statement?

      No linux distro that I have used in the past 8 years hashes only the leading 8 chars of a pass phrase. Even so a strong 8 char password is still a strong password (eg: *_Jilt3d) or even better with non-printable chars.

    2. Re:Same as in Linux by Bastard+of+Subhumani · · Score: 1, Insightful

      Even so a strong 8 char password is still a strong password (eg: *_Jilt3d)
      It isn't if you're relying on the part after the eighth character to make it strong and the system is silently ignoring that part.
      --
      Only three things are certain; death, taxes, and apocryphal quotations - Ben Franklin.
    3. Re:Same as in Linux by Anonymous Coward · · Score: 0

      A statement, but I wasn't sure if all distributions are like this, hence the question mark. Anyway I have seen this behaviour not very long ago in either SuSE or Ubuntu.

    4. Re:Same as in Linux by ettlz · · Score: 2, Funny

      still a strong password (eg: *_Jilt3d)
      Trying to tell us something?
    5. Re:Same as in Linux by julesh · · Score: 2, Informative

      So that's the same as in most (all?) Linux distributions by default.

      Not since some time around 2000 when all of the major distributions switched from DES to MD5 authentication. Some major Unix vendors do still have the issue, though.

    6. Re:Same as in Linux by Anonymous Coward · · Score: 2, Funny

      Well, a strong 8 char password cannot be "relying on the part after the eighth character to make it strong", as it only has 8 characters.

    7. Re:Same as in Linux by zippthorne · · Score: 1

      You're calling a 1337 5P34K word with two ascii characters tacked on to the beginning, "strong"? Yeah, I'm sure no one doing dictionary attacks has a leet word file.

      If you want a secure 8-character password, use something like,

      dd if=/dev/random bs=1 count=50 | strings -n 1 | tr -d "[:cntrl:]" | sed "s/(.{8}).*/\1/"
      which yielded, b&9y@)HN just now. Humans are lousy password pickers, because we automatically patternize everything we see or create.

      or better yet, tell strings to pick out 8-bit characters, too and get something like: ,Mu--xÝZÀ

      although that and non-printable are probably not the greatest of ideas, because they're usually non-typable (or at best typrobatic) too.
      --
      Can you be Even More Awesome?!
    8. Re:Same as in Linux by Anonymous Coward · · Score: 0

      A password that contains lower and uppercase alpha, numeric and punctuation chars is considered strong. Random passwords are stronger but only of practical use with a keychain or password manager which have their own security implications. We both know this, so what's your real nit-pick?

      Any auth system that doesn't set off alarms when some script kid is trying to brute force it is a joke. Also it's wise to stick to ascii chars for internet account (IM, web signups etc) passwords, otherwise you risk crappy code silently dropping half your pass prior to hashing. Non-printable chars are security by obscurity, a good idea for OS logins only because script kids often don't think to check for them.

    9. Re:Same as in Linux by kalidasa · · Score: 1

      Humans are also very bad at remembering random strings, so no, don't use the shell script posted in the parent, as it will lead to a password you'll have to write down, or will use for everything and never change. Use combinations of words and special characters, like "&URA*2me" or some such thing.

    10. Re:Same as in Linux by EvanED · · Score: 1

      A password that contains lower and uppercase alpha, numeric and punctuation chars is considered strong.

      1337ing words doesn't count though. It's probably good enough for almost anything, but not good enough to stop a determined hacker.

      Any auth system that doesn't set off alarms when some script kid is trying to brute force it is a joke.

      Doesn't help if it's an offline attack.

      Non-printable chars are security by obscurity, a good idea for OS logins only because script kids often don't think to check for them.

      Non-printable chars also increase the key space.

      Secondly, security by obscurity isn't a bad thing. It's tossed around as if it's worthless, but it's not. You just can't rely on said security for your whole system.

      But I'm not sure non-printables are worth the hassle. I set my Unix password to something with an escape once, but just had to go and change it because when I typed it into the password box in the SSH client that I use, esc acts as cancel.

    11. Re:Same as in Linux by linvir · · Score: 1

      bash-3.2$ dd if=/dev/random bs=1 count=50 | strings -n 1 | tr -d "[:cntrl:]" | sed "s/(.{8}).*/\1/"
      sed: -e expression #1, char 14: invalid reference \1 on `s' command's RHS
      50+0 records in
      50+0 records out
      50 bytes (50 B) copied, 0.00041852 s, 119 kB/s
      bash-3.2$ what the fuck is this? I wanted a password, you piece of shit machine
    12. Re:Same as in Linux by Anonymous Coward · · Score: 0

      > 1337ing words doesn't count though.

      Not alone no but as in the example it increases the key space. Passphrases with additional chars =h3|L() are not going to be found by a dictionary attack leaving the attacker no choice other than brute force.

      > not good enough to stop a determined hacker.

      The attacker still has to brute force the passphrase and any sane security policy will detect the attack.

      > Doesn't help if it's an offline attack.

      That's not what we're discussing.

      > Non-printable chars also increase the key space.

      True but increasing password length by 4 chars is stronger.

      > Secondly, security by obscurity isn't a bad thing.

      Never said it was ;-)

      > I set my Unix password to something with an escape once, /me claps

      I used to use non-printable high ASCII but eventually I just settled for longer pass phrases except in rare circumstances. There's no good reason to drop chars from a password that only exists as input to a hash function. Nonetheless many web apps do so and in any case I use alt+2 to switch browser tabs.

    13. Re:Same as in Linux by EvanED · · Score: 1

      The attacker still has to brute force the passphrase and any sane security policy will detect the attack.

      True, but that's also the same if you don't replace characters. If you do your typical 1337 substitutions (e.g. e->3), you just need to do a more sophisticated dictionary attack. Probably increases the keyspace by a couple dozen times at most.

      Matt Bishop gives a list of passwords that are easy to guess, at least for an offline attack; it includes "dictionary words with some or all letters capitalized" and "dictionary words with any of the following changes: a->2, e->3, h->4, i->1, l->1, o->0, s->5 or $, z->5"

      True but increasing password length by 4 chars is stronger.

      Agreed, but if you're on a system that limits you to, say, 8 characters, you don't have much choice. (Like, say, the Penn State CS dept, at least as of a couple years ago.)

    14. Re:Same as in Linux by Anonymous Coward · · Score: 0

      > If you do your typical 1337 substitutions (e.g. e->3), you just
      > need to do a more sophisticated dictionary attack.

      I agree. I just don't think dictionary attacks are viable when there's unrelated non alpha numeric chars in the pass phrase.

      > Agreed, but if you're on a system that limits you to, say, 8
      > characters, you don't have much choice.

      Obviously then the additional keyspace is worthwhile, there are other situations where it can be used to enhance security. For example some chars can not be entered via popular GUI tools but can via the cmd line (and vice versa). I've also seen network devices where you can not disable the web interface but can login via telnet and set a password that will never pass the CGI ;-)

    15. Re:Same as in Linux by Anonymous Coward · · Score: 0

      Well don't pipe it through sed. that was just there to limit it to 8 characters. You could also try using the -r switch in sed. There's probably a better way to do this, but quick and dirty is my rule of thumb for throwaway bash scripts.

      The 50+0 business is just statistics that dd likes to throw at you. It goes to the standard error rather than the standard output, so you could just stick a 2>/dev/null on the end there to silence it. or you could use status=noxfer as an option to dd to disable it.

    16. Re:Same as in Linux by EvanED · · Score: 1

      I just don't think dictionary attacks are viable when there's unrelated non alpha numeric chars in the pass phrase.

      I agree there, at least if it's not something predictable like a couple numbers at the end of a dictionary word.

    17. Re:Same as in Linux by linvir · · Score: 1

      dd if=/dev/random bs=1 count=50 status=noxfer 2> /dev/null | strings -n 1 | tr -d "[:cntrl:][:punct:]" | sed -r "s/(.{8}).*/\1/" && echo
      Finally got it refined so it just outputs a password and a newline.
    18. Re:Same as in Linux by the-stringbean · · Score: 1

      A better solution is to pick an easy to remember phrase or quote, take the first letter of each word and then jig it around a bit.

      An example of this would be taking the line "Dulce et decorum est pro patria mori" from Wilfred Owen's poem. This could be converted into the password Ded&ppM!

      As long as you pick a memorable phrase and you use semi-intelligent substitution for non-alphanumeric character, you will have a strong password that is resistant to dictionary attacks and easy to remember.

    19. Re:Same as in Linux by delvsional · · Score: 1

      I don't know about you but the first 8 letters of my linux password don't get me anywhere. It has to be typed in completely

      --
      Oh Crap, I'm an optimist.....
  5. Standard crypt problem by AEton · · Score: 5, Interesting

    This is not that unusual.

    We switched to a new content management system and gleefully informed users that their new default password was (an organization-standard eight-character string) followed by their username.

    We realized something was wrong when someone noticed that all the password hashes were the same.

    (The fix: find a new better hash function.)

    --
    We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
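The two failure modes this thread circles around, a hash that only looks at the first eight characters (old DES crypt()) and AEton's rollout where every default password was the same eight-character prefix plus a username, can both be caught with a simple self-test. The following is an added example, not code from the thread or from any system discussed in it: the truncating hash is a labelled toy stand-in for legacy crypt(3) (real crypt() is not used), the PBKDF2 scheme is the modern comparison, and the user names and prefix are constructed.

```python
import hashlib
import os
import secrets
from typing import Optional

# Toy stand-in for legacy DES crypt(): only the first 8 characters count and
# there is no salt. It is NOT real crypt(3); it only reproduces the
# truncation behaviour the thread describes (assumed for illustration).
def legacy_truncating_hash(password: str) -> str:
    significant = password[:8]          # everything past 8 chars is ignored
    return hashlib.sha256(significant.encode()).hexdigest()

def legacy_verify(password: str, stored: str) -> bool:
    return legacy_truncating_hash(password) == stored

# Modern comparison: salted PBKDF2-HMAC-SHA256 over the whole password.
def pbkdf2_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = 100_000) -> str:
    if salt is None:
        salt = os.urandom(16)           # fresh random salt per password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def pbkdf2_verify(password: str, stored: str) -> bool:
    _algo, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return secrets.compare_digest(dk.hex(), dk_hex)

def silently_truncates(hash_fn, verify_fn, length: int = 8) -> bool:
    """Enrol a password longer than `length`, then check whether its first
    `length` characters followed by junk still verify. True means the scheme
    ignores everything past `length` characters (the AOL / DES crypt bug)."""
    full = "correcthorsebattery"        # 19 chars; constructed test value
    stored = hash_fn(full)
    tampered = full[:length] + "ZZZZZZZZ"
    return verify_fn(tampered, stored)

def default_password_hashes(hash_fn, usernames, prefix: str = "Corp2006"):
    """AEton's rollout: default password = 8-char standard string + username.
    Returns the stored hash per user so the symptom can be inspected."""
    return {user: hash_fn(prefix + user) for user in usernames}

def all_identical(hashes: dict) -> bool:
    """The symptom AEton's team noticed: every stored hash is the same."""
    return len(set(hashes.values())) == 1

if __name__ == "__main__":
    users = ["alice", "bob", "carol"]   # constructed sample accounts
    for name, h, v in [("legacy", legacy_truncating_hash, legacy_verify),
                       ("pbkdf2", pbkdf2_hash, pbkdf2_verify)]:
        print(f"{name}: truncates at 8 = {silently_truncates(h, v)}, "
              f"default hashes identical = "
              f"{all_identical(default_password_hashes(h, users))}")
```

Run the same `silently_truncates` check against any real login path by swapping in its enrol and verify calls; a True result is the defect the story describes.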
    1. Re:Standard crypt problem by Alioth · · Score: 1, Redundant

      Not only that, it either didn't have a salt or the salt was invariant.

    2. Re:Standard crypt problem by dohzer · · Score: 3, Funny

      My recipe for hash definitely uses salt.

      http://www.mspong.org/cyclopedia/cookery.html#hashed_beef

    3. Re:Standard crypt problem by Anonymous Coward · · Score: 0

      My recipe for hash definitely uses a sieve - unless you have a pollenator.

    4. Re:Standard crypt problem by fimbulvetr · · Score: 1

      If whoever chose "crypt" is also the party that wrote the authentication/authorization system, I'd be very scared. They must have no experience in those areas.

    5. Re:Standard crypt problem by EvanED · · Score: 1

      It sounds like this isn't the case here (if it's a web application), but there are very good reasons for not using a salt while hashing passwords.

      Not salting passwords is why Kerberos works.

    6. Re:Standard crypt problem by Comatose51 · · Score: 1

      Maybe they forgot to salt the password first before hashing?

      --
      EvilCON - Made Famous by /.
    7. Re:Standard crypt problem by Anonymous Coward · · Score: 0

      my recipe for hash involves lacing it with PCP.

    8. Re:Standard crypt problem by FutureDomain · · Score: 1

      (The fix: find a new better hash function.)

      How about using the following algorithm:

      passwordHash = WHIRLPOOL(AES(SHA256(password), salt));

      The WHIRLPOOL hash produces large 512-byte hashes, the AES slows down the password generation (to prevent brute-force cracking), makes the input to the WHIRLPOOL function large, and hides the salt better than simple concatenation. The SHA256 makes any length password 256-bytes for the AES and further complicates cracking and reversing attempts.

      Any suggestions?
      --
      Hydraulic pizza oven!! Guided missile! Herring sandwich! Styrofoam! Jayne Mansfield! Aluminum siding! Borax!
    9. Re:Standard crypt problem by Anonymous Coward · · Score: 0

      How about using the following algorithm:

      passwordHash = WHIRLPOOL(AES(SHA256(password), salt));

      The WHIRLPOOL hash produces large 512-byte hashes, the AES slows down the password generation (to prevent brute-force cracking), makes the input to the WHIRLPOOL function large, and hides the salt better than simple concatenation. The SHA256 makes any length password 256-bytes for the AES and further complicates cracking and reversing attempts.

      First, you are dealing with bits, not bytes.

      1. Switching to 512 bits is pointless when you limit the input to 256 bits. WHIRLPOOL also has known weaknesses with short inputs.
      2. Am I correct that you're using the salt as the key to AES? That being the case you're putting an upper bound on the size of the salt.
      3. AES is not a hashing algorithm so it is questionable if it would add any value to your hash.
      4. Many cryptographic systems have similarities so it is possible that limiting the initial input to 256 bits and then running the result through other functions could have an interaction effect that will make the total system less effective than SHA256 by itself.

      Think about it, hashing functions lose information. Running the result through another hashing function loses even more information.

    10. Re:Standard crypt problem by scrod · · Score: 1

      Any suggestions?


      Yes, use PBKDF2. It was engineered for the very reason of reducing the effectiveness of password-based attacks. You can produce a key of any length using any number of desired iterations, to allow scaling with advances in microprocessor efficiency. You can use any HMAC you want, including Whirlpool (see derive_key_whirlpool in Truecrypt's source: Common/Pkcs5.c as a starting point).

    11. Re:Standard crypt problem by FutureDomain · · Score: 1

      Am I correct that you're using the salt as the key to AES? That being the case you're putting an upper bound on the size of the salt.

      No, you're incorrect. I probably should have made the argument order more plain, but the salt is the plaintext and the SHA256 is the key. The reason I ran it through SHA256 is to get a 256 length output, the maximum key length for AES, and to slow the process down a bit to give password crackers a harder time. The reason for AES is to make the process take longer and to make the input for Whirlpool more random than a simple concatenation. If I just ran Whirlpool(key + salt), the whole system would rely on Whirlpool being uncrackable. By using three algorithms, I am assured that no one can use a weakness in a single algorithm to reverse-engineer the hash. The biggest problem would be a small salt value weakening the Whirlpool, since as you said, it has known weaknesses with small values. Either a large random number stored in the password database (like /etc/passwd used to be) or using SHA512 or another large hash value on an id, username, or email in the database.
      --
      Hydraulic pizza oven!! Guided missile! Herring sandwich! Styrofoam! Jayne Mansfield! Aluminum siding! Borax!
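As an added example (not code from the thread, nor from any system it mentions), here is a Python model of the "standard crypt problem" AEton describes, a hash that only reads the first eight characters, next to the salted PBKDF2 approach scrod recommends. The truncating hash is a SHA-256 stand-in, not real crypt(3); the iteration count, the organization-standard prefix and the usernames are assumptions.

```python
import hashlib
import hmac
import os

# Constructed model of a legacy crypt()-style hash that silently discards
# everything after the eighth character. This is NOT the DES crypt algorithm;
# a truncating SHA-256 is enough to show the collision behaviour offline.
LEGACY_MAX_CHARS = 8


def legacy_hash(password: str) -> str:
    """Simulated crypt(): only the first 8 characters influence the digest."""
    effective = password[:LEGACY_MAX_CHARS]
    return hashlib.sha256(effective.encode("utf-8")).hexdigest()


def pbkdf2_hash(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 over the whole password with a per-user salt."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=32
    )


def make_record(password: str, iterations: int = 200_000) -> dict:
    """Create a stored credential: random salt, iteration count, derived key."""
    salt = os.urandom(16)  # fresh per user, stored next to the hash
    return {
        "salt": salt,
        "iterations": iterations,
        "hash": pbkdf2_hash(password, salt, iterations),
    }


def verify(record: dict, candidate: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    expected = pbkdf2_hash(candidate, record["salt"], record["iterations"])
    return hmac.compare_digest(expected, record["hash"])


def default_passwords(prefix: str, usernames: list) -> dict:
    """AEton's scheme: an 8-character standard string followed by the username."""
    return {user: prefix + user for user in usernames}


def count_distinct_legacy_hashes(passwords: dict) -> int:
    """How many distinct hashes the truncating scheme produces."""
    return len({legacy_hash(p) for p in passwords.values()})


def count_distinct_pbkdf2_hashes(passwords: dict, iterations: int = 200_000) -> int:
    """How many distinct hashes salted PBKDF2 produces for the same passwords."""
    return len({make_record(p, iterations)["hash"] for p in passwords.values()})


if __name__ == "__main__":
    # Constructed sample: an 8-character prefix plus three usernames.
    users = default_passwords("Xk9#qL2m", ["alice", "bob", "carol"])
    print("distinct legacy hashes:", count_distinct_legacy_hashes(users))   # 1
    print("distinct PBKDF2 hashes:", count_distinct_pbkdf2_hashes(users))   # 3
    rec = make_record("Xk9#qL2malice")
    print("full password accepted:", verify(rec, "Xk9#qL2malice"))          # True
    print("8-char prefix accepted:", verify(rec, "Xk9#qL2m"))               # False
```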
  6. "its funny, laugh" by nurb432 · · Score: 0, Offtopic

    I think this got mis-categorized.

    --
    ---- Booth was a patriot ----
  7. That's YOUR password? by martyb · · Score: 1

    "Me too!" :^)

    1. Re:That's YOUR password? by Jim+Hall · · Score: 4, Funny

      That's ok, I logged in and changed it for you. :-)

    2. Re:That's YOUR password? by lullabud · · Score: 1

      Let me guess. You changed it to the output of the original password fed into ROT26?

  8. Spelling by daybot · · Score: 2, Informative

    No, what's really embarrassing is mis-spelling that very word in the title of a Slashdot article.

    1. Re:Spelling by Hebbinator · · Score: 4, Funny

      Gotta get a spell check.

      I spent all day yesterday giggling at "eLfavirenz" (it's efavirenz, no L). While HIV/AIDS is far from a humorous disease, images of Brazilian midgets with big ears and curl-toed shoes sneaking around with big bottles of pirated protease inhibitors kept jumping in my head.

      For a second treat, google ELFavirenz and see the 260+ web sites that took the exact same text and put it up after /.'s error!

  9. Re: same in the default install of solaris 10 by Anonymous Coward · · Score: 5, Informative

    Same problem in a default installation of Solaris-10 as well.

  10. Ahh fixed the summary... by The+Living+Fractal · · Score: 4, Funny

    Well, it turns out that when someone signs up for an AOL.com account, the user has sold their digital soul to Satan.


    I *still* cringe to this day when someone asks for computer help and it starts out with "Well, when I log on to my AOL..."

    TLF
    --
    I do not respond to cowards. Especially anonymous ones.
  11. Luggage... by Anonymous Coward · · Score: 0, Funny
    "password123"

    That's the same password I use on my luggage!

    I guess this means that AOL has gone from "sucks" to "blows"?

    1. Re:Luggage... by Anonymous Coward · · Score: 0

      That's the same password I use on my luggage!

      Yes?? Mine's 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 :p ..

  12. Even better by AndrewM1 · · Score: 5, Interesting

    I can do this one better. I signed up for some game known as MapleStory a while back, submitting the password "DaedAEcarECel40s".

    I quickly found that I could not log on to my account. I was wondering whether I misspelled my password or something, when I noticed (while reading the FAQ) in small print "Passwords must be 8 characters or less." Now, no warning of this was given anywhere on the sign up form.

    In shock, I realized what the issue must have been. Sure enough, trying to log on with password "DaedAEca" worked like a charm.

    Yes, not only did they not warn the user that there was a maximum on the password length while signing up, and not only did their form accept my 16-char password, but it actually would not let me log in with the full password. Man, I was pissed and confused for a while...

    1. Re:Even better by Anonymous Coward · · Score: 0

      It's the same thing with msn messenger. sign up with a really long password, and you're locked out.

    2. Re:Even better by Anonymous Coward · · Score: 2, Funny

      > It's the same thing with msn messenger. sign up with a really
      > long password, and you're locked out.

      But surely that's a good thing?

    3. Re:Even better by db32 · · Score: 1

      I really hope you don't use this password anywhere else. In fact I am curious to see how many people just tried to log into your slashdot account using that password. Maybe even hitting the MapleStory site just for a few random attempts as well :)

      --
      The only change I can believe in is what I find in my couch cushions.
    4. Re:Even better by rriven · · Score: 1
      My bank did the same thing (USAA). They kept posting on their website they were upgrading the security so I figured it would be a good time to change my password to 14 chars/digits/symbols.

      I could not log in that day and I didn't have time to call their support line. The very next day when I tried it I noticed that they put a length restriction on the password box of 12 and then I could log in.

      When they "upgraded" their security the backend cut everyone's password down to 12 but the web form still let you put in 20 chars. I am just glad they fixed it in one day.

      --
      Dan
    5. Re:Even better by that+this+is+not+und · · Score: 1

      I had something like this, only with my username, happen on Freeshell. I established my account but set it up with a nine-character username. The first time after setting it up (after sending in the registration info to get a 'full' Freeshell account) I tried logging in. It wouldn't accept the username until I truncated it to the first eight characters. I got pretty frantic for a few weeks before figuring this out. Freeshell runs on NetBSD.

    6. Re:Even better by jeoeoeoeorb · · Score: 1

      This happened to me for the admin password of a 3Com NBX-100 PBX system. I was sweating because I thought I bricked the client's unit. Man I was pissed!

    7. Re:Even better by JNighthawk · · Score: 1

      And then there are some more Korean MMOs where both user/pass are required to be all lower-case, thus eliminating a whole range of options. 8 lower-case alphanums is 36^8 vs. 8 any-case alphanums is 62^8.

      --
      Wheel in the sky keeps on turnin'.
    8. Re:Even better by Old+Wolf · · Score: 1

      Yes, not only did they not warn the user that there was a maximum on the password length while signing up, and not only did their form accept my 16-char password, but it actually would not let me log in with the full password

      When signing up with Absolute Poker, I created a password with a comma in it. It accepted it and created the account.

      Then I went to log in. After entering my password, I got an immediate error "password may not contain comma" (or other characters). I had to manually request support to assign a new password, which took several hours.

  13. Radius? by cluge · · Score: 3, Interesting

    I believe the original RFC for radius only looked at the first 8 characters. It would not surprise me if AOL was using a tried and proven radius solution, and never bothered to update. I'd be interested to know the results if one was to choose a long password and then

    1. Log into AOL and only use the first 8 characters
    2. Log into the AOL webmail and only use the first 8 characters.

    This may indicate if the limitation is the sign in solution, or the entire userdb backend.

    cluge

    --
    "Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
    1. Re:Radius? by juggler314 · · Score: 2, Interesting

      Man I noticed this years ago, wish I had thought it was important enough to write up about then maybe I could have had my own slashdot posting!

      (and yes that...sickeningly...means I actually used AOL for some time...)

      I had a problem logging in to the AOL webmail because it *does not* truncate to the first 8 characters and I *thought* my password was longer than 8. Thus logging into the AOL app worked fine, but I had to manually truncate to 8 characters to get webmail working.

      I thought it was a problem on my end so I IM'd support. After a few painful minutes of trying to work with that moron I figured out what it was...and suggested they add it to their help notes for the next time someone calls in on it.

    2. Re:Radius? by Ziwcam · · Score: 2, Informative

      1. Log into AOL and only use the first 8 characters

      My AOL password happens to be exactly 8 characters long. When I tried salting it with asdf afterwards, the OS X AOL client (which I haven't opened in a year, mind you :-) will not accept characters after the 8th.

      2. Log into the AOL webmail and only use the first 8 characters.

      In this case, salting with asdfasdfasdf results in an error saying the password must be 16 characters or less, so salting it with asdfasdf (making the attempted password exactly 16 characters) I'm still allowed to log in, even though my true password doesn't contain the asdf's, and is only 8 characters long.

  14. Its actually worse than that by imunfair · · Score: 5, Interesting

    It's worse than they make out. Back in December 06 I posted a synopsis of how the password hashing on AIM works. They ALSO remove all the 'weird' (read: non-alphanumeric) characters. So your "eight characters" may actually be only six or four - since it cuts the password down to eight before it removes the weird ones.

    They also don't hash passwords anymore in your registry from AIM6 onward. They encrypt them, but that's a lot easier to get around than hashing.

    If you really want a more detailed explanation you can take a look at the 12/29/06 and 12/30/06 posts on this page - http://tsourceweb.com/ - but what I already mentioned is the crux of the issue. (We all know people on Slashdot don't like to read articles anyway ;)

    1. Re:Its actually worse than that by bot24 · · Score: 2, Insightful

      The stored password in the registry cannot be a hash unless the authentication system on the remote end will accept the hash in place of the actual password, which is only marginally better than storing the password in plain text. Without some keychain system, the password cannot be encrypted and then decrypted again unless the decryption key is accessible to the user or the key is stored on the server, meaning that you only need the "encrypted" password to authenticate yourself. Depending on how the password is encrypted, the new password storage system could be worse than the old one.

    2. Re:Its actually worse than that by imunfair · · Score: 1

      Before AIM6 the servers did accept a hash for login, but that's all you can do with it. (You can send a change email request with it, but that takes 72 hours and the user can cancel it during that time)

      AIM6 decrypts the password each time you log in and sends it plaintext over an SSL connection. I'd venture that storing a hash is more secure, because at least you have to crack that before you can change the user's password.

      I can't think of any situation where a password stored plaintext or encrypted would be a better option than some type of stored hash.

    3. Re:Its actually worse than that by resequenced · · Score: 1

      I can't think of any situation where a password stored plaintext or encrypted would be a better option than some type of stored hash.

      If you're storing a hash that is useful in some way (i.e. for logging in), then it really isn't any better of an option than storing a plaintext password. Since a hash isn't (or, at least, shouldn't be) reversible, storing it doesn't help you UNLESS it itself is useful information.

      The point of a hash, at least when considering security and passwords and the like, is to create a secure representation of some piece of data that can be safely stored. If you can use that data to actively DO something, then it's not secure.

      At least encryption requires decryption before you have useful information, and regardless of how trivial the effort to decrypt might be, that is often enough to discourage people from looking further.
      --
      rsdn
    4. Re:Its actually worse than that by jesup · · Score: 1

      If this really is an artifact of the old 'core' of AOL, then it's probably due to the original password functions we put into PlayNET back in 1984-1985. (For those that don't know, AOL was originally a port of QuantumLink to the PC, and QuantumLink was licensed from PlayNET. See http://en.wikipedia.com/wiki/PlayNET.)

      The original core was all done in PL/1 on Stratus fault-tolerant minicomputers. They continued to run the core up until a few years ago, but much of the design was so ingrained that it continues to exist in places until this day. That was why it took so long to have more than 10-character usernames, and why last I checked (a couple of years ago), the login protocol still 'uses' my old error-correcting protocol from PlayNET, which was designed to allow error-free communication across non-corrected 300 baud modems (sliding windows, piggybacked acks, CRC-16, special tricks to avoid 0x0D/etc (because Tymnet/Telenet/X.25 pads took that as a "forward the string" code)).

    5. Re:Its actually worse than that by linhux · · Score: 1

      They also don't hash passwords anymore in your registry from AIM6 onward. They encrypt them, but that's a lot easier to get around than hashing.

      Well, this is usually a trade-off between being able to have a secure authentication procedure (using challenge-response authentication) or not having to store the password in cleartext at the client. If you hash the password, you can't do a challenge-response authentication on that password (since it would need the cleartext password to be available at log-in time - you could do it using the hash, but then it'd be just as sensitive information as the password itself).
    6. Re:Its actually worse than that by Chris+Pimlott · · Score: 1

      Ah, so I have you to thank. I forgot my AIM password long ago, but I had set it to be remembered in Windows. So while I could still use it there, I was shut out on any other computer or OS. Using the information on your page, I was able to crack my own password by reversing the second hash (alphanumerics only) using tmto.org's impressive MD5 hash database. The partial plaintext I recovered was then enough to jog my memory and remember what I had set it to originally. And now I can login to AIM again without using the default client.

      So, thanks for the informative webpage. It's scary, though, how much that bizarre hashing method they chose severely weakens the hash strength.

  15. Worse than it sounds? by Jugalator · · Score: 2, Informative

    For random passwords, I guess 8 characters are still OK, but it's worse if you pick "smart" combinations of words and numbers, like "computers4life" or "jennifer2007". With dictionary attacks adapted for these lengths, they'd only need to check for the first 8 and it would be "computer" and "jennifer" in this case. If you further adapt the attack to only look for e.g. ratios of 4:4 with first 4 being a word and remaining 4 being random, and so on for 5:3, 6:2, 7:1, and 8:0, you also catch circumstances where users have picked passwords like "love4u2007", which would be caught in the "4:4" attack as "love" + "4u20". Maybe that's still secure enough, but this sounds a bit risky when using word passwords, even when mixing with numbers to avoid dictionary attacks, especially with this limitation.

    --
    Beware: In C++, your friends can see your privates!
  16. same thing at UC by legoman666 · · Score: 1

    I got to the University of Cincinnati in Ohio and I noticed this same problem. Anything after the first 8 digits of the password is ignored. So "lawlpewpew" is the same thing as "lawlpewpewLAZERBEAM". I emailed the IT tech support people asking them about it, but all I got in reply was some default, automated response. In the end, they didn't do anything to fix it either.

    1. Re:same thing at UC by UCInfoSec · · Score: 1

      Hello Legoman666,

      I am a rep from UC Information Security. Our department had not been informed about the alert that you mention above. We would like to get more information about what you found so we can determine what step should be taken. Please contact me at infosec@uc.edu to register your discovery directly with InfoSec (so it doesn't get lost in the shuffle). Thanks.

      Regards,

      Quinn Shamblin
      Information Security - University of Cincinnati

  17. Re:Not alone, Apple too by Branka96 · · Score: 5, Interesting

    Apple's OS X had the same problem until 10.3. See Apple KB article

  18. This is AOL we're talking about... by ZeldorBlat · · Score: 4, Insightful

    Do you really think the type of people who use AOL would use a password longer than eight characters anyway?

    1. Re:This is AOL we're talking about... by eli+pabst · · Score: 1

      Do you really think the type of people who use AOL would use a password longer than eight characters anyway?

      You've obviously never used AOL, have you? OMGWTFBBQ is clearly 9 characters and is assuredly the most frequently used password.

  19. At a certain university, by MulluskO · · Score: 1

    At a certain university, this was also the case.

    The flaw in question seemed to apply only to a web mail client which they are in the process of phasing out in favor of an open source solution, which is pretty interesting because it's the first I've seen which has support for S/MIME.

    Presumably, the older system will be brought off line soon, as the flaw has been known for some time.

    When signing on in front of people who didn't know about the flaw, it was fun to make them think you had a password in excess of thirty characters.

    --

    Too busy staying alive... ~ R.A.
  20. Ditto NT4. Sort of. by Anonymous Coward · · Score: 2, Informative

    NT4 broke a 16 character password and separately hashed the first and second parts so you could attack them separately. This is why passwords > 8 characters were recommended. Better than TFA, and (thankfully) fixed in NT5.

    Worth remembering if you still have any NT4 servers in production.

    1. Re:Ditto NT4. Sort of. by kestasjk · · Score: 4, Informative

      I think you've mixed something up.

      The Lanmanager hashing system breaks the password up into two 7-char sized chunks, converts them to upper case, and hashes each separately, and XP still uses Lanmanager hashes if you don't explicitly tell it not to (by changing a registry setting).

      The first 14 characters are still used in Lanmanager hashes though, so this is only a security hole if the attacker can access the hashes.

      --
      // MD_Update(&m,buf,j);
    2. Re:Ditto NT4. Sort of. by belrick · · Score: 1

      The first 14 characters are still used in Lanmanager hashes though, so this is only a security hole if the attacker can access the hashes.

      And don't the hashes fly across the network in the clear (unless you are using Kerberos in a non-compatibility mode?)?

    3. Re:Ditto NT4. Sort of. by Tony+Hoyle · · Score: 1

      Yes. I routinely ran a program on our network and got a list of weak passwords... the offenders were then given a LART.

      I had to time limit that program because if you just let it process overnight it found *every* password including the 'secure' admin one...

    4. Re:Ditto NT4. Sort of. by glitch23 · · Score: 0, Informative

      XP also only sends LM (and NTLM) responses by default and no requests so although it can be said that XP uses LANManager hashes it only partially does so. By the way, Vista by default is configured to use NTLMv2 responses only so it doesn't use LANManager at all by default. And although these can be changed using registry settings the easiest way (especially if you have multiple machines on a domain) is to use Group Policies.

      --
      this nation, under God, shall have a new birth of freedom. -- Lincoln, Gettysburg Address
    5. Re:Ditto NT4. Sort of. by Anonymous Coward · · Score: 0

      By 'this' do you mean AOL's password woes? If so, think again, and please read TFA...

    6. Re:Ditto NT4. Sort of. by spx · · Score: 1

      "The first 14 characters are still used in Lanmanager hashes though, so this is only a security hole if the attacker can access the hashes."

      That might be a good point, but if it gets hacked its still an issue. If there is a chance it can happen, more than likely, it will at some point or another.

  21. AIX by Sp00nMan · · Score: 4, Interesting

    The latest AIX 5.3 has this same stupid limitation too. It's driving us nuts at work cause we authenticate to Active Directory which supports long passwords, but AIX only cares about the first 8. Ridiculous.. We had to purchase SpecOps and force AD to limit to max of 8 so that users would be forced to have a unique password every time. We contacted IBM and they said they had no plans on fixing this.

    1. Re:AIX by 1s44c · · Score: 1


      You could always fix your pam stack instead of adding limitations to AD.

    2. Re:AIX by Sp00nMan · · Score: 1

      Not without invalidating any support from IBM in the form of patches and whatnot.

    3. Re:AIX by buchanmilne · · Score: 1

      Ah, but this is a different issue. This is some proprietary Unix password input functions only reading 8 characters, whereas the AOL one is more likely the crypt()-type problem of discarding all but the first 8 letters when hashing the password. Your case there isn't much you can do (as the input is discarded), but in the 2nd case, authenticating against anything but the local passwd/shadow file would fix it (e.g. pam_krb5 or pam_ldap would respect all the characters).

      Another reason not to use proprietary Unix (AIX, HP-UX) where SAOX is an issue (and avoid authenticating locally on Solaris up to at least Solaris 9, maybe even 10).

  22. This is... by Anonymous Coward · · Score: 0

    ...exactly what I thought was happening all along. I've only recently broken free of AOL Dialup and Broadband, and I suspected that this sort of problem was at hand. Is AOL working on fixing this at all? It'd be good to know.

  23. Found this last year. by BrianRagle · · Score: 2, Informative

    I believe I encountered this last year when I was trying to set my wife's AIM account up on her iChat client. She has been typing the long version of her pass into the AIM client, which apparently wasn't reading past those first 8 characters. When we tried it in the iChat client, it kept spitting it back out as being incorrect. We eventually had to change her pass to a shorter one to get it to work.

  24. DES passwords by 1s44c · · Score: 0, Troll

    The fact that DES passwords are 8 characters long and anything over the first 8 is silently ignored is well known.

    Am I alone here in remembering the old slashdot? It used to be IT stories for IT professionals and hobbyists. Now it's dumbed down stories for help desk wannabes.

    Whats next? A story on how the letters look weird with the caps lock on?

    1. Re:DES passwords by Calydor · · Score: 1

      Don't you mean they look weird with Caps Lock off? ;-)

      --
      -=This sig has nothing to do with my comment. Move along now=-
    2. Re:DES passwords by that+this+is+not+und · · Score: 1

      No, what I mean is it doesn't matter, since I usually read Slashdot from a csh session running Lynx on my Lear-Siegler ADM3, which has its dip switches set to force everything to ALL CAPS all the time.

      Today, of course, I'm on the Silent 700 terminal and cursing everybody with those paper-wasting SIGs in their comments.

  25. Here's Why by N8F8 · · Score: 1

    AOL management must make the same assumptions about AOL hackers that the rest of us do about AOL users.

    --
    "God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
    1. Re:Here's Why by InsMonkey · · Score: 1

      No, they already know that our assumptions about AOL users are correct and they are making money off of that knowledge.

      --
      I'd rather have a full bottle in front of me than a full frontal lobotomy.
  26. AOL should upgrade their Linux servers by reybrujo · · Score: 1

    At school, back in 1998, every Linux distro we installed used to have that limitation, a limitation in the encryption routine, and a rationale something like a longer password being easier to crack. It would not surprise me if AOL were still using Slackware 2.0 ;-)

    1. Re:AOL should upgrade their Linux servers by ivan256 · · Score: 1

      a rationale something like a longer password being easier to crack.


      The rationale was compatibility with other UNIX-like systems, but it went away when MD5 hashing became popular and PAM was introduced. By 1998 most Linux distributions had already switched (but probably not Slackware). The rest all had it as an option. If you have a linux system today that you've upgraded repeatedly since back then (or kept the passwd/shadow files), you probably *still* have the limitation unless you forced your existing users to change their password.
    2. Re:AOL should upgrade their Linux servers by Glytch · · Score: 2, Informative

      Slackware still doesn't have PAM, thank god, but does use MD5 by default.

  27. adventure games by Anonymous Coward · · Score: 0

    I seem to recall several adventure games from back in the day (Sierra and/or Infocom, IIRC) had a similar parsing problem with text commands. Of course, they weren't nearly as severe as this password problem. And in fact, if you knew about them, they made typing things in a whole lot easier...

  28. Mitch Hedberg by Himring · · Score: 5, Funny

    Reminds me of that Mitch Hedberg joke:

    "You know when a company wants to use letters in their phone number, but often they'll use too many letters? 'Call 1-800-I-Really-Enjoy-Brand-New-Carpeting.' Too many letters, man, must I dial them all? 'Hello? Hold on, man, I'm only on "Enjoy." How did you know I was calling? You're good, I can see why they hired you!'"

    RIP Mitch

    --
    "All great things are simple & expressed in a single word: freedom, justice, honor, duty, mercy, hope." --Churchill
  29. Same goes for cbb.dk :( by mutende · · Score: 1

    This means that a user who uses "password123" or any other obvious eight-character password with random numbers on the end is in effect using just that lame eight-character password.

    The same thing goes for the Danish mobile operator CBB. :(
    --
    Unselfish actions pay back better
  30. Flat Out Wrong - Read by madsheep · · Score: 4, Informative

    First, this article is flat out wrong and I challenge you to try it yourself. The AOL service will only allow up to 8 character passwords for e-mail related items. My password for my AIM clients has always been greater than 8 characters and I *cannot* log into anything without typing the entire password. This includes any web-based service at *.aol.com (primarily controlled by my.screenname.aol.com). I am a bit perplexed at where this article is getting its information.

    A few test cases to pay attention to:

    1) Sign up for an AOL mail account https://new.aol.com/freeaolweb/?promocode=814322&ncid=AOLAOF00020000000602

    Notice it only allows you to choose a password that's 6-8 characters, just like the AOL service itself. So now try and login with your password that's 6-8 characters, but add a few more. It lets you in right? Ok, so do this... reset/change your password now. Click "Forgot my Password" or whatever the link is called. Go through the questions and set a new password. Oh wait, notice it only lets you pick a 6-8 character password.

    What does this mean? It means for AOL-service based/AOL-mail based accounts, they only allow 6-8 characters for the password! Who cares if it accepts extra characters. There is a 6-8 character limitation. It's absolutely irrelevant that it accepts additional characters.

    They seem to be confusing this with AIM-only based accounts, which allow up to 16 character passwords and DO NOT allow anything more or anything less than the *EXACT* password. Try it yourself. If my AIM password is "pCv921!$z" it will reject me if I put "pCv921!$" and it will reject me if I put "pCv921!$z44". This is not that big of a deal and certainly isn't embarrassing. This is flat out a difference in AOL's mail-based system vs. AOL's AIM-based system.

    Want to know a big shocker about AOL's mail-based system that they didn't figure out and report on that *is* embarrassing?

    These AOL.com (mail-based) and AOL-service based accounts are *NOT* case sensitive. That's right, try and make your password with some uppercase letters. It doesn't make a difference if your 6-8 character password has uppercase letters or not. It doesn't recognize it! I didn't check but I don't believe it recognizes special characters either. So your character set is a-z0-9.

    Chew on that. Steven :)

    1. Re:Flat Out Wrong - Read by The MAZZTer · · Score: 1

      1) Sign up for an AOL mail account

      Just be warned if you decide to abort partway through the process (I was desperate for free internet access, but not enough to give up my CC info) they will STILL KEEP THE INFORMATION YOU ENTER. I got a phone call several days later from a rep with a sales pitch.

      Although this was 3 years ago I don't think they'll have changed it...

    2. Re:Flat Out Wrong - Read by jmauro · · Score: 1

      Have you considered that AIM uses a different password system than AOL Dialup? That way your AIM would still work, but AOL proper wouldn't.

    3. Re:Flat Out Wrong - Read by madsheep · · Score: 1

      Yes, absolutely. This is how I am trying to make a distinction between service/e-mail-based system and AIM-based systems. I am not sure of how to better word this. It appears some of these tie into the legacy system. This is similar to Basic Auth, but worse. There is no distinction between uppercase and lowercase characters. However, I am not quite following Brian's blog to make this a huge security risk as they do not accurately make the distinction between the two systems or even recognize they exist.

    4. Re:Flat Out Wrong - Read by Cap'nPedro · · Score: 1

      If this is true, it means the keyspace is only 2,901,650,853,888. Assuming passwords are hashed as MD5, using only one PC, it would only take about 5 days to brute-force a password. That's bad.
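
As an added example (not code from this thread and not AOL's), the following Python models the back end the comments above describe: the form accepts a long password, but only the first eight characters are compared, and case is folded. It computes the size of the resulting 6-8 character a-z0-9 keyspace (which reproduces the 2,901,650,853,888 figure quoted in the comment, i.e. 36^6 + 36^7 + 36^8) and the worst-case time to exhaust it. The guess rate of 6.7 million hashes per second is an assumption picked because it matches the "about 5 days" estimate, not a measured number.

```python
import math
import string

# Symbols the comments above say survive on an AOL mail account:
# case is folded, so only lowercase letters and digits remain (36 symbols).
ALPHABET = string.ascii_lowercase + string.digits
MIN_LEN, MAX_LEN = 6, 8  # password length the signup form enforces, per the thread


def effective_password(entered: str, max_len: int = MAX_LEN) -> str:
    """Model of the back end described above (not AOL's code): keep only the
    first max_len characters and fold case. Anything typed after that is
    accepted by the form but never compared."""
    return entered[:max_len].lower()


def collide(a: str, b: str) -> bool:
    """True when two differently typed passwords are identical to such a system."""
    return effective_password(a) == effective_password(b)


def keyspace(alphabet_size: int = len(ALPHABET),
             min_len: int = MIN_LEN, max_len: int = MAX_LEN) -> int:
    """Number of distinct effective passwords over every allowed length."""
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))


def entropy_bits(space: int) -> float:
    """Keyspace size expressed as bits of entropy."""
    return math.log2(space)


def days_to_exhaust(space: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at an assumed guess rate."""
    return space / guesses_per_second / 86400


if __name__ == "__main__":
    for pw in ("password123", "PASSWORD!!", "pCv921!$z44"):
        print(f"{pw!r:>14} -> compared as {effective_password(pw)!r}")
    space = keyspace()
    print(f"6-8 chars over a-z0-9: {space:,} candidates, {entropy_bits(space):.1f} bits")
    # Assumed rate: 6.7e6 guesses/s is roughly what "about 5 days" implies here.
    print(f"exhausted in {days_to_exhaust(space, 6.7e6):.1f} days at 6.7M guesses/s")
    # What keeping case would have bought: 62 symbols over the same lengths.
    print(f"with case kept (a-zA-Z0-9): {keyspace(62):,} candidates, "
          f"{entropy_bits(keyspace(62)):.1f} bits")
```

The point the numbers make is that the length cap and the case folding compound: the folded 6-8 character space is about 41 bits, while simply preserving case over the same lengths is roughly 70 times larger, and a real 16-character space would be far beyond either.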

  31. Embarrassing?! by morari · · Score: 3, Insightful

    What exactly about AOL isn't embarrassing?

    --
    "He who can destroy a thing, controls a thing." --Paul Atreides, Dune
    1. Re:Embarrassing?! by Anonymous Coward · · Score: 0

      the Netscape division?

      Oh.

  32. mod parent up by Anonymous Coward · · Score: 0

    It's for a duck!

  33. MySpace by JJJJust · · Score: 1

    MySpace has this same defect/error/bug/"feature for the young memory deficient" as well... Their passwords aren't case sensitive and only read X characters no matter how many you type... And you wonder why people are always being phished/hacked...

    1. Re:MySpace by Anonymous Coward · · Score: 0

      Actually a major reason why so many people get phished on MySpace is that there are at least 2 long-standing exploits (that I know of) which make it fairly easy to steal login cookies. One works by linking to a malicious .swf promising to let you see who's viewed your profile or suchlike, the other uses mangled HTML to disguise a form submission as an image. Setting these up is as simple as downloading a widely available phishing pack and following the instructions.

      Of course, a lot of noobs also fall for less sophisticated phishing sites that simply claim to let you bypass school content filters that block myspace or whatever.

  34. myspace by Anonymous Coward · · Score: 0

    I've seen the same sort of thing with MySpace:
    once my password was autofilled, I typed it a second time after it and hit enter.
    I got in fine.

  35. VNC too by semifamous · · Score: 1

    I wish someone would fix that issue in VNC so that it required more than eight characters. That seems especially bad and worth fixing, but nobody has done it yet.

    Please, if the slashdot community is going to complain about how stupid password limits are, can someone fix the open source projects that have the same issue so that we can't point and laugh at that too?

    1. Re:VNC too by Anonymous Coward · · Score: 0

      that password fits the "security" of the app
      i.e. there is none... so a simple password is all that's needed

      you shouldn't be using VNC w/o an SSL tunnel?

      CaPCtHA(w/e): inaction!

    2. Re:VNC too by Arimus · · Score: 1

      Try ultravnc...

      --
      --- Users are like bacteria -> Each one causing a thousand tiny crises until the host finally gives up and dies.
    3. Re:VNC too by jZnat · · Score: 1

      Tunnel VNC over SSH. Problem solved.

      This is also a good method for solving many other password-based issues. You can also use things like stunnel to encrypt any generic service via SSL/TLS/IPsec/etc.

      --
      'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
  36. Re:So, now we can't count? by FishWithAHammer · · Score: 2, Insightful

    You're an idiot. 'password', the eight-character segment that actually counts, is extremely common.

    --
    "You can either have software quality or you can have pointer arithmetic, but you cannot have both at the same time."
  37. Thank you /. by g0dsp33d · · Score: 2, Interesting

    Hello, this is AOL tech support... we have lost our database for user names, your account will not function unless you give us your account name and the first 8 letters of your password for confirmation... Maybe I'll ask for credit cards too...

    --
    lol: You see no door there!
    1. Re:Thank you /. by wkitchen · · Score: 1

      Maybe I'll ask for credit cards too...
      You can ask for that on the secondary "account re-enable" page (accounts.aol.com).
  38. Re:So, now we can't count? by someone1234 · · Score: 1

    Any obvious 8 character password [plus arbitrary crap]. Please notice that 'password' is 8 characters. Are you really so dense or just picking nit?

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry
  39. Bah! Humbug! by Anonymous Coward · · Score: 0

    When I was your age, we had to change our passwords twice a week, and we damn well liked it that way!

  40. VNC... by NNland · · Score: 2, Interesting

    Official versions of VNC from AT&T and later RealVNC had similar password limitations, though I can't remember if it was 7 or 8 characters. All I know is that it gave me a good reason to switch to UltraVNC, which used the native login API on whatever OS it was running.

  41. uhm. by Anonymous Coward · · Score: 1, Insightful

    I've had an aol account since the mid nineties, I don't really use it anymore, but the password's only 4 characters.

    I wonder how many other people have 'older' aol accounts and haven't changed their passwords.

  42. Bzzt - wrong - Re:Not alone by Anonymous Coward · · Score: 0

    The old 8 character limit for crypt() passwords has nothing to do with sending them over the network. It has to do with how crypt() used DES to produce a one way hash function. DES encrypts in 64bit chunks at a time. The password you enter that gets fed into crypt() is fed in as a block for DES to encrypt. A 64 bit block, with 8 bit characters, yields what??? An 8 character password.

    Simple as that.

    1. Re:Bzzt - wrong - Re:Not alone by Anonymous Coward · · Score: 0

      But you can use crypt twice for 16 character passwords but you get different results... so the hash results aren't compatible so it broke things like yellow pages.
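
As an added illustration of the crypt() explanation above (not code from the thread, and not a full DES or crypt(3) implementation), this Python reproduces only the key-derivation step of traditional crypt(3): the first eight bytes of the password supply the 56 significant bits of the DES key, with the low bit of each key byte being DES parity, which the cipher ignores. Consequently neither a ninth byte nor the high bit of any byte can influence the hash. The chunked_keys helper models the reply's "use crypt twice" idea to show why the result is a sequence of independent keys rather than a single DES hash, and so cannot match a store built for one.

```python
def des_key_from_password(password: bytes) -> bytes:
    """Build the 8-byte DES key the way traditional crypt(3) does.

    Each of the first eight bytes contributes its low 7 bits, shifted left
    one place so that the low bit of every key byte (the DES parity bit,
    which the cipher ignores) is zero. Shorter passwords are zero padded;
    the ninth byte onward never reaches the key at all.
    """
    key = bytearray(8)
    for i, c in enumerate(password[:8]):
        key[i] = (c << 1) & 0xFF  # high bit of the password byte falls off
    return bytes(key)


def same_crypt_key(a: str, b: str) -> bool:
    """True when two passwords would be hashed under the same DES key,
    i.e. when crypt(3) could not tell them apart."""
    return (des_key_from_password(a.encode("latin-1"))
            == des_key_from_password(b.encode("latin-1")))


def effective_key_bits(password: bytes) -> int:
    """Bits of the password that actually influence the hash: 7 per byte,
    capped at eight bytes."""
    return 7 * min(len(password), 8)


def chunked_keys(password: bytes) -> list:
    """Model of the reply's workaround: apply the scheme once per 8-byte
    chunk. Each chunk yields its own key, so a 16-byte password gives two
    keys and two hashes, which a single-DES password store cannot verify."""
    return [des_key_from_password(password[i:i + 8])
            for i in range(0, len(password), 8)]


if __name__ == "__main__":
    for pw in (b"password", b"password123", b"pCv921!$z44"):
        print(f"{pw!r:>16} -> DES key {des_key_from_password(pw).hex()} "
              f"({effective_key_bits(pw)} significant bits)")
    print("password vs password123 same key:", same_crypt_key("password", "password123"))
    print("'a' vs '\\xe1' same key (high bit dropped):", same_crypt_key("a", "\xe1"))
    print("keys for a 16-char password, run twice:",
          [k.hex() for k in chunked_keys(b"correcthorsebatt")])
```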

  43. Editor's embarrassing spelling by noidentity · · Score: 0, Flamebait

    Spelling checker anyone?

  44. Not just AOL .. there are many others too by shreyasonline · · Score: 1

    There are many other service providers that have this stupidity. Like in India we have SIFY NET, which has the same problem: it reads only the first 8 chars of the password.

  45. Amazon? by seandiggity · · Score: 1

    A comment on the article page says Amazon has this crappy truncating problem too...can anyone verify this?

    --
    Geeks like to think that they can ignore politics, you can leave politics alone, but politics won't leave you alone.-rms
    1. Re:Amazon? by amaiman · · Score: 1

      I had to enter my entire password for it to take it, so, no, it doesn't look like Amazon has the problem (my password is more than 10 characters).

    2. Re:Amazon? by Anonymous Coward · · Score: 0

      My password is longer than 8 characters, and I can login using only the first eight.

  46. Mod Parent Up by Anonymous Coward · · Score: 0

    Seriously. AIX was the first thing I thought about when I read this story. I mean, I feel like we could expect this from a security-hokey operation like AOL, but AIX? I mean, fine, you're an IBM product that people [like/HATE] and are a [admirable/FOOLISH] attempt to make your own OS instead of just using a legitimate one, but you're at least PRETENDING to be a *NIX, so why can't you handle a password longer than 8 letters? It BOGGLES THE MIND.

  47. Old adventure games by Michael Woodhams · · Score: 2

    Old text adventure games were often like this. You'd type in an entire sentence, but the computer would only look at the first three letters of the first two words. I remember using "drink white paint" to drink the whiskey. (This was back when the final resting place of outdated computer games was not the $10 bargain bin, but rather having the entire source printed in a computer games magazine so people could type it into their Apple II.)

    I think that Infocom, being the class act of text adventures, didn't suffer this "feature".

    --
    Quattuor res in hoc mundo sanctae sunt: libri, liberi, libertas et liberalitas.
    1. Re:Old adventure games by Anonymous Coward · · Score: 0

      Infocom's games cut off words after 9 characters, IIRC.

      Modern games using the Z-machine come with this limitation as well. (2001's Walkthrough Competition involved writing a game or transcript of game around a given walkthrough, where one of the words, playing on this, was 'ANESTHETI'.)

  48. Re:No way. Er Yes way by Anonymous Coward · · Score: 0

    Other popular passwords were (unfortunately that might need to be "are"!) SEX and FRED.
    Look at your keyboard and you will see why.

  49. Re:So, now we can't count? by Hyperspite · · Score: 1

    LOL, back in the day, like 6th grade, my friend came up with a brilliant password. "Just use password!" he said, it's so obvious, no one will ever guess! Gone are those idealistic times...

    Also, I double checked - at least ./ isn't case sensitive :)

  50. Real VNC 4 by Das Auge · · Score: 2, Informative

    Real VNC 4 has this same problem. One of my clients uses it and set the password to a 12 key entry, with uppercase, lowercase, numbers, and a special character. Too bad most of his non-alphas were at the end...

  51. Similar problem with MySpace by MahariBalzitch · · Score: 1, Informative

    With MySpace you can have a password such as "Password123*&%". To login, you only need to use "Password123". Obviously their system does not recognize the extended characters at the end?

  52. And QNX by Anonymous Coward · · Score: 0

    We have a client that specifies a 9 char password for our machines in the field. Yeah that extra char really matters. I just type the first 8 ... because I CAN. This is for QNX 6.3. Used to be the same for Tru64 I think. Debian Etch is ok, just tested it.

  53. A Note on Password by Anonymous Coward · · Score: 0

    This has affected all the servers at the Executive Office of the President of the U.S. for a lot of years; since the conversion during the G.H.W.B. term.

    A wonderful thing it is.

    The most secret plans of G.W.B and R.C. and the DoD are offered nightly to the world (even the masseuse of Condi - she prefers girls), however, she uses a "body double" for the calling.

    Toodles

  54. Insecurity with AOL? by tubapro12 · · Score: 1

    Nothing to see here, move along.

  55. 8 Characters by Cunjo · · Score: 1

    At least it's a serious upgrade from the 6-character passwords AOL used to limit their users to.

    --
    "Those who think they know everything are of great annoyance to those of us who do." - Isaac Asimov
  56. Good old IBM by freeweed · · Score: 1

    And in OS/400, passwords aren't case-sensitive. Nothing like reducing your search space dramatically!

    --
    Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
  57. AOL by REggert · · Score: 1

    People still use AOL? For heaven's sake, why?

    --

    cp /dev/zero ~/signature.txt

  58. Dog Days of AOL by bill_mcgonigle · · Score: 1

    Do you really think the type of people who use AOL would use a password longer than eight characters anyway?

    Sure, plenty of folks have dogs with names longer than 8 characters.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  59. Re:So, now we can't count? by Ralph Spoilsport · · Score: 1
    no, you're the idiot.

    The quote:

    This means that a user who uses "password123" or any other obvious eight-character password

    note that there is no reference to a section THAT COUNTS, the entire password "password123" was in QUOTES, as in "password123", and therefore, as it is the SECTION IN QUOTES that was emphasized by the author, indicates that the password in question is "password123" not "password". And it doesn't take a degree in math to note that "password123" is 11 characters long.

    Think twice before you post. Once would be an improvement.

    RS

    --
    Shoes for Industry. Shoes for the Dead.
  60. Why dont AOL Outsource by the100rabh · · Score: 1

    Why the hell is AOL not outsourcing their job... It's better they don't do it.... It's just too sad.