Administrator Password Bug?

sallamud

Registered
If I go to System Prefs Users panel, bring up myself (the only user) go to edit, and change the password -- let's say to something with 8 characters -- when I exit and return, the password will show as having 12 characters!

Does it always show as having a certain amount of characters for added security?
 
First, of all, yes, the password will always show up with the same number of bullets, no matter how many characters your password really DOES have...

THE FOLLOWING IS A SECURITY WARNING:
Secondly, it's funny you should mention the number of EIGHT characters for a password, because that's all Mac OS X can take... Only the first 8 characters of a password really matter. For instance, if you make your password out to be "password1234", someone can just type in "password" and still log in successfully.
At least, that's what the MacWorld or MacAddict article said... I forgot where I read that.
 
Normally your password doesn't get stored at all for security reasons. Rather a one way hash is generated that gets stored. Whenever you enter a password it gets processed by the same algorhythm and the resulting hash is compared to the one stored, if they are the same, you're logged in.
By default crypt is used to generated this hash and it is generated using the first 8 characters of your password. However authentication in OS X is pluggable, so differen methods may be implemented that work differently.
 
Back
Top