Hi all,

Working on compliance reports for a ASE 12 server and
am trying to find out how to find the length of a password from
syslogins to put into an audit report. New requirements state
that the password has to be 8 characters and we want to report
on who has less than 8.

I know that you can set the minimum password length, but that
doesn't kick in until the person changes their password (and, in this
case, a lot of app servers might fail because they wouldn't know
how to handle the response.)

Any ideas?

Thanks!
-D

There is simply no way to find out what the current password, or its length,
is.
The only way to guarantee that new passwords are at least 8 chars is to
reset all passwords with new values (and set the minimum length to 8).

HTH,

Rob
-------------------------------------------------------------
Rob Verschoor

Certified Sybase Professional DBA for ASE 12.5/12.0/11.5/11.0
and Replication Server 12.5 / TeamSybase

Author of Sybase books (order online at www.sypron.nl/shop):
"Tips, Tricks & Recipes for Sybase ASE"
"The Complete Sybase Replication Server Quick Reference Guide"
"The Complete Sybase ASE Quick Reference Guide"

mailto:rob (AT) YOUR (DOT) SPAM.sypron.nl.NOT.FOR.ME
http://www.sypron.nl
Sypron B.V., P.O.Box 10695, 2501HR Den Haag, The Netherlands
-------------------------------------------------------------

<devilishd (AT) gmail (DOT) com> wrote

To find the length of the Sybase password you can do this:

Extract the hash of the password from master.syslogins.
Run a password crack tools with the hash algorithm used by Sybase and Rainbow Tables.

You get the password (Uper case and Case Sensitive).
Regards;
Azzedine