nanog mailing list archives
Re: Cisco password implementation trubs: weakened strength?
From: Nick Hilliard <nick () foobar org>
Date: Thu, 21 Mar 2013 10:57:02 +0000
On 21/03/2013 10:10, jamie rishaw wrote:
apparently, Cisco is changing its password schemas. old: pbkdf2 by 1k, salted vs New: (type 4) unsalted sha256 .. discuss.?
security advisory:
http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4
which states:
Because of the issues discussed in this Security Response, Cisco is taking the following actions for future Cisco IOS and Cisco IOS XE releases: Type 4 passwords will be deprecated: Future Cisco IOS and Cisco IOS XE releases will not generate Type 4 passwords. However, to maintain backward compatibility, existing Type 4 passwords will be parsed and accepted. Customers will need to manually remove the existing Type 4 passwords from their configuration.
Kudos to Cisco - this was the right thing to do. Nick
Current thread:
- Cisco password implementation trubs: weakened strength? jamie rishaw (Mar 21)
- Re: Cisco password implementation trubs: weakened strength? Nick Hilliard (Mar 21)
- Re: Cisco password implementation trubs: weakened strength? Jimmy Hess (Mar 21)