:In the DFLY Handbook, it states that DragonFly uses MD5 for creating :password entries/hashes (/etc/passwd). : :I would like to point out that MD5 is old and considered broken. : :Therefore, I suggest upgrading DragonFly to use either SHA-1, or SHA-2. Out :of the two options I would recommend SHA-2, since problems have been :identified in SHA-1. : :It does say in Wikipedia, that Unix/Linux vendors are migrating to use SHA-2 :for password hashes (256-bit and 512-bit). : :PS It says in Wikipedia that MD5 "should be considered cryptographically :broken and unsuitable for further use", and that US government applications :are required to move to SHA-2 by 2010. : :-- :Sincerely, :Robin Carey Well... if someone wants to add another encryption method that's fine w/me. Nobody should be using plaintext passwords for remote access anyway since most attacks don't even bother trying to decrypt any more, they just run against a dictionary. -Matt