Is there a valid case for an empty password?
Weijun Wang
weijun.wang at oracle.com
Thu Oct 11 23:25:53 EDT 2018
I checked the history, sorry for blaming Windows. It was requested by an embedded server vendor.
> On Oct 12, 2018, at 11:19 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>
> We are planning to disallow empty passwords for PBKDF2 in JDK. However, some years ago I did receive a bug report to support empty passwords on Windows 200x. Is it really a valid password?
>
> Thanks
> Max
>
More information about the krbdev
mailing list