Dec 07, '04 09:38:00AM • Contributed by: Angostura
OS X 10.3 fixed this, however, anyone who did an upgrade install (and possibly an archive and install) from an earlier version of OS X will find that pre-existing accounts retain the weakness -- passwords characters past the eighth position are ignored. It is possible to check the status of the password using NetInfo Manager (in Applications -> Utilities). Launch the application, click on Users, then click on your username. Users with old-style, weak passwords will have the property (in the lower portion of the window) authentication_authority set to ;Basic;. Strong full-length passwords will have the value ;ShadowHash; for this property.
To fix this, it is necessary to change each account's login password in the Accounts System Preferences pane. The new password can be the same as the old password, but the practical upshot is that now all the characters will count. I'm indebted to Michael Conniff and Rafe H. on the Apple discussion boards for helping me sort this out.
[robg adds: The eight-character-limit was discussed in this really old hint, and we've also covered techniques for creating strong passwords, as well as a way to test your passwords' strength using a built-in Apple utility.]
