My google-fu has failed me, so I’m coming here with a couple of UNIX password questions. I figured someone here might be able to help me.
When did UNIX start storing only encrypted passwords? UNIX passwords are encrypted before they are stored in a file- if your password is startrek, the string “startrek” is not stored anywhere on the machine. But I’ve read that this was not the case at one time. I heard a story about an administrator screwing up on an MIT machine in the 60’s and accidentally displaying the password file, with passwords stored in plain text, on everyone’s screen when they logged in.
When you type your password in on a UNIX system, it doesn’t display on the screen as you’re typing it. This has been true of every UNIX or Linux system I’ve used since 1993. Were there ever UNIX systems of which this was not true? If so, when did they switch to the normal practice of not displaying the password when you type it in?
I’m most specifically interested in the AIX flavor, if that helps at all. Thanks in advance.
I’ve been using UNIX since 1980 when I joined AT&T and passwords have never been open. Since UNIX spun off of Multics in a way, and Multics was designed to be security conscious, I doubt very much it ever had open passwords after (or even while) it was in Kernighan’s lab.
I don’t know which computer at MIT this happened to. When I arrived in 1969 there were lots, but the big ones were Multics, in development, CTSS, and some PDP-10s in the AI Lab. I took a class on the famous PDP-1 where SpaceWar was developed, but that was pretty much a single user machine and I don’t recall having a password at all. My gut feeling is that someone screwed up on the PDP-10, but that is all it is.
The /etc/passwd file has always been world-readable, so I have a hard time believing that UNIX passwords were ever stored in cleartext. This cites an early version (c. 1974) of UNIX with crypt functionality.
You may be thinking of systems in which the hash in /etc/password is replaced by a placeholder and the actual encrypted password string is stored in a separate (not world-readable) directory. Generally these are referred to as “trusted systems” implementations, and one does exist for AIX. I;m not sure when exactly the first version for AIX was created, but they have been around generally for 20+ years at least (since I was a young sysadmin).
The page cited by Punoqllad contains a link to a postscript file that is a paper by Morris and Thomson that fully describes the Unix password implementation history. It certainly agrees with my hazy recollection of things - although I suspect I am simply recollecting the contents of the paper decades later. The answer is that the Unix password was always encrypted, but the mechanism used was changed to improve its security early on. (The paper notes a very curious point about the mechanism - to be utterly pedantic the password isn’t encrypted - it is used as a key to encrypt a constant, and the resulting encrypted constant is what is stored. When you log in your supplied password is again used to encrypt the constant, and the result compared to the stored value. This is simply a quirk of the chosen encryption system, and results in much stronger protection.)
Unix Sys Admin from 1984 to 1988 here, mostly with Berkeley Unix. (But I see above that Voyager has been even more involved, and for longer.)
Any time you say ANYTHING (especially anything strange) about any computer system at MIT in the late 1960’s / early 1970’s the default assumption is always Multics. There are many enthralling legends. (Did you hear about the time the swapper-outer process swapped out the swapper-inner process?)
I don’t know of any time that Unix passwords were not encrypted. They used to be stored in /etc/passwd with the other account information. Then that one field was moved out of that file into a separate file. I first became aware of that change circa 1986, give or take a year or so.
I know essentially nothing of the encryption algorithm that was used, except for this: In encrypting it, a random “salt” is generated, and is used as part of the encryption key. This “salt” is stored as part of the encrypted password. To validate a password, this “salt” is extracted and used again to encrypt the password, to produce a result to be compared with the rest of the encrypted field. Thus, a given password might get encrypted in any of 1024 (I think) distinct ways, but when a user logs in later, it gets encrypted in the same way as when originally set. This makes “brute force” attacks 1024 times more difficult. That was then – I don’t know what encryption algorithm is used these days.
Now I gotta go read that paper that Francis Vaughan linked.
PDP-10 story: We had one at Berkeley. It had a CRT display. Remember John Horton Conway’s “Game of Life”? Ralph Merkle devised a fabulously efficient algorithm, encoding a field of cells using one bit per cell, that used a sequence of logical operations to update an entire row all at once. I coded his algorithm in PDP-10 assembly language, using a 216x216 grid, with updating display on the CRT. That was circa 1972 or so. I still have a paper print-out of the source code for that somewhere.
I don’t know about TOPS-10, but in my college days (late '70s) I did some naughty things to a TOPS-20 (“TWENEX”) system. Once my compatriots and I managed to get free access to the file system and found the password file: all user IDs and passwords stored in clear text in a file they thought was well-protected. I don’t know if that was typical of TOPS-20 or just a local fluke, but not long after that the passwords started to be stored encrypted.