How to calculate the password length if the user already exists in Linux?

Question

How to calculate the password length if the user which already exists in Linux? I only know the encrypted password for that user in another file /etc/shadow. Can I calculate the password length from the value in this file?

Are there any other ways to solve this?

complexity of password is defined in misceleanous files in /etc/pam.d — Archemar, Jun 25 '19 at 08:47

Kusalananda · Answer 1 · 2019-06-25T10:10:33.987

5

The passwords are stored hashed, i.e. the actual passwords are never stored but a cryptographic checksum is stored in /etc/shadow. You can't compute the length of a string from a cryptographic hash of that string. Doing so would be equivalent of breaking/cracking the cryptographic hashing algorithm.

What you want to do is similar to finding the length of a file from its MD5 checksum. This can not be done.

Tangentially related:

How to find the hashing algorithm used to hash passwords?

edited Jun 25 '19 at 10:10

answered Jun 25 '19 at 09:32

Kusalananda

320,670
36
633
936

Is there any other way to solve it? I mean in Other OS mechanisms – takethat Jun 26 '19 at 03:51

How to calculate the password length if the user already exists in Linux?

1 Answers1