Passwords and User Authentication

• getpass is a deprecated system call.
  • #include <unistd.h>
  • char *getpass(const char *prompt);
  • It will do for now, perhaps we will go to chapter 61 later.
    • I have never done that stuff but I think I want to know it.
    • But not this week.
  • This will prompt the user than return what they type.
  • This is not safe all over the palce, but it will work for now.
• So what do you do with this?
  • #include <unistd.h>
  • char *crypt(const char *key, const char *salt);
  • key is the users password
  • Salt is an 2 character use to randomize things more
    • It must be [a-zA-Z0-9./] (26+26+10+2 or 64 characters)
    • This provides 64^2 = 4096 different encryptings for each password
    • This increases the storage space required storing encryptions of known passwords.
  • you need to link with -l crypt , see modifications to the Makefile
  • The search space for crypt is 2^56.