Bug 23709

Summary: Changing from DES to MD5 passwords does not work properly
Product: Base System Reporter: dschultz <dschultz>
Component: miscAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.1-RELEASE   
Hardware: Any   
OS: Any   

Description dschultz 2000-12-21 10:20:01 UTC 
When passwd-format=md5 is added to the login.conf file of a system that uses DES passwords, DES passwords are still used for all accounts, even if users attempt to change their passwords with passwd. Evidently, once it's DES, it's always DES, regardless of what login.conf says.

There is a workaround below, but it would be nice if the docs reflected the true nature of this beast.

Fix: 

Login as root and use vipw to set the user's encrypted password to $1$. Use passwd _username_ to set the password for that user again.
How-To-Repeat: -Install FreeBSD with libdescrypt
-Create an account
-Add passwd_format=md5 to login.conf under default
-Login to the account that was created and use passwd to change the password
-Login as root and cat master.passwd--- note that DES is still used.
Comment 1 akh 2001-04-25 20:19:57 UTC 
Now in 4.3-RELEASE,  login.conf is already set to :

default:\
        :passwd_format=md5:\


But it doesn't work at all ... if you set it to des :it crypts in md5 ,
and if you install crypto and change your libcrypt to libdescrypt , it's
the same it crypts only in des .
Comment 2 dd freebsd_committer freebsd_triage 2001-06-01 03:33:54 UTC 
State Changed
From-To: open->closed

Quite a few changes in this area have been made since 4.1; please try 4.3 
and report back if you have problems.