Alcatel-Lucent 8950 AAA User Manual

Page 335

The SMT User Files Panel

Creating and Managing User Profiles with Files

............................................................................................................................................................................................................................................................
365-360-001R6.0

Issue 1, December 2008

19-7

SeCrEt

is not the same as

secret

4. As an option, you may hash the password for storage. Click the ... next to the password

field. Select an hash type from the list that appears, as shown in

Figure 19-8

Important!

We use the term “hash” instead of “encryption” because the process of

hashing cannot be reversed. By definition, something that can be encrypted can also be
decrypted. For authentication checking of hashed passwords, 8950 AAA takes the
password entered by the user and hashes it using the exact same calculation that was
used to hash the password in the user profile.

If the two resulting hashes match, then the two passwords must have been the same.

Note that use of hashed passwords in a user’s profile requires the use of the PAP
(Password Authentication Protocol) in the PPP session. CHAP (Challenge Handshake
Authentication Protocol) cannot be used with hashed password in the user profile.

Figure 19-8 User Profile Dialog–Password hash Type

The plain text password is replaced by the encrypted password. For example, if you
enter “MySecretPassword” and select MD5 encryption, the Password field now
contains something like:

$MD5$3XzCR7LP$fJ7/npaleWkxnfWQjWidiO

Important!

The results will be different each time you perform the hash. Do not

attempt to hash a password that has already been hashed. The resulting value is
unusable and the hash process cannot be undone.

5. As an option, specify the Authentication Type from the drop-down list, as shown in

Figure 19-9

Select encrypt type