> The point is, however, that DES isn't used in crypt(3) as a cipher but > as a weird hash function over an eight byte value, the password, and Strengthening the password encryption algorithm strikes me as putting a tighter lock on the door when the window is standing wide open... if someone really wants to break into your machine, they can put a sniffer on your network, and it won't matter how good your encryption algorithm is. Admittedly it's a little harder to get a sniffer running on a network than crack, but even so, reusable passwords are doomed... ...Robert