description=This implementation contains only an implementation for the user password syntax, with a storage scheme name of "CRYPT". Even though it is a one-way digest, the Crypt Password Storage Scheme is relatively weak by today's standards. Because it supports only a 12-bit salt (meaning that there are only 4096 possible ways to encode a given password), it is also vulnerable to dictionary attacks. You should therefore use this storage scheme only in cases where an external application expects to retrieve the password and verify it outside of the directory, rather than by performing an LDAP bind.
|
