Re: [ProgSoc] Unix pasword encryption

Peter Meric (
Tue, 7 Oct 1997 11:53:30 +1000 (EST)

On Tue, 7 Oct 1997, Joshua Graham Pitcher wrote:

> This is probably an RTFM question, but I haven't got an FM handy to fing the
> answer.

Actually, it probably isn't. Well, not one of our manuals anyway.

> Can someone tell me how password encryption works under unix? I know that
> the password is encrypted using the password as the key, and that it is
> encrypted with the DES algorithm 15 times. However this is as far as my
> knowledge of it goes.

My suggestion is to have a look at the source for crypt(). It's freely
available. You may also want to have a look at the variants of crypt(),
like fcrypt(). These may help with your understanding of the encryption
process. fcrypt is available from UQ (a guy there wrote a fast DES
library and ssleay etc).

> The reason I am asking is we are implementing some password protection on an
> embedded system and I have been led to believe that the unix password
> encryption is very secure.

It's only as secure as DES. So using qualitative terms like "very" can
be dangerously misleading.


Peter Meric

You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to
If you are having trouble, ask for help.

This list is archived at <>