<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta http-equiv="X-UA-Compatible" content="IE=edge" />
				<meta name="viewport" content="width=device-width, initial-scale=1" />
		<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
		<meta name="format-detection" content="telephone=no" />
		<meta name="robots" content="noindex" />
			<title>AFP Passwords and User Authentication Methods</title><body class="ac-gn-current-support">
	<input type="hidden"  id="cdsHeaderObj" data-json='{"setPod": "true",
"resourceUrl": "https://support.apple.com",
"akamaiUrl": "https://km.support.apple.com",
"modelValue": "Support",
"aiSearchServiceURL": "support.apple.com",
"podLocaleValue": "en_US",
"omnitureLocale": "us_en",
"aiCrossDomainSearchServiceURL": "support-suggestions.apple.com",
"podValue": "us~en",
"searchCountry": "us",
"enableAppleInstant": "yes",
"pageName": "kb",
"amlSuggestionsUrl": "https://www.apple.com/search-services/suggestions/",
"title": "AFP Passwords and User Authentication Methods",
"channelName": "LEGACY"
}'>
	<input type="hidden"  id="httpDownloadURL" value="http://support.apple.com">
<!-- 	
 -->

	
<aside id="ac-gn-segmentbar" class="ac-gn-segmentbar" lang="en-US" dir="ltr" data-strings="{ 'exit': 'Exit', 'view': '{%STOREFRONT%} Store Home', 'segments': { 'smb': 'Business Store Home', 'eduInd': 'Education Store Home', 'other': 'Store Home' } }">
</aside>

<h1 id="main-title">AFP Passwords and User Authentication Methods</h1>
<div id="abstract">
 
<div id="intro-container"><div class="truncate"><div class="attr SYMPTOMS"><div class="attr TOPIC"><FONT SIZE=4> </FONT><BR>
<FONT SIZE=4> <BR>
Are AppleShare File Server user passwords stored in the Users and Groups file<BR>
in an encrypted or unencrypted form?  If encrypted, what is the algorithm?  If<BR>
encrypted, is the encryption key stored on the server volume?<BR>
 <BR>
It is my understanding that in the Random Number Exchange method for user<BR>
authentication, user passwords are never transmitted over the network<BR>
unencrypted.  Is this correct?<BR>
 <BR>
</FONT></div></div> <!--  attr Symptom  --></div> <!--  truncate --></div> <!--  intro-container --><div class="clear"> </div>
 </div>   <!-- abstract end -->
<div id="articlecontent">
<div id="indicator-container">      
<div class="indicator archived"></div></div> <!-- Indicator-container -->
  <div class="attr SUMMARY">
It is true that passwords are not encrypted in the Users and Groups file on the<BR>
server.  The theory is that the file is not accessible over the network and<BR>
that a server requiring security can be locked away from prying eyes and<BR>
software.<BR>
 <BR>
You are correct in stating that the Random Number Exchange method of user<BR>
authentication does not send a password over the network unencrypted.  Be aware<BR>
that some third-party AFP servers may not support this method (although it<BR>
would be unusual), and the user has no control over what user authentication<BR>
method is used.  The server being connected determines this.  For a more<BR>
detailed description of user authentication methods available through the<BR>
AppleTalk Filing Protocol, read &quot;Inside AppleTalk&quot; pages 13-28 through 13-30.<BR>
 <BR>
<BR></div>
</div>


<!-- Start SiteCatalyst code version: H.8. -->


<!-- End SiteCatalyst code version: H.8. -->


<div class="mod-date">Published Date: Feb 18, 2012</div>
  <div id="mimosa-tags">
  
  <input type ="hidden" id="mimosa-tags-heading" value="Related Topics" />
  <input type ="hidden" id="showNavTagFlag" value="true" />
  <input type ="hidden" id="tags-localised" value="Tag" />
        </div>

</div><!--/#content-->
</div><!--/#main-->

<!-- Helpful not helpful section -->
 <div style="display:none">
<div id="meta">
                </div> <!--/#meta-->
</div>          
        <!-- Related Section -->
<div class="border-div"></div>      <!-- Offer Section -->
<div class="border-div"></div>
<div id="promo" style="display:none;"> Still need help?</div>          
         
<div style="clear:both;"></div>

</div>
<input type="hidden"  id="cdsArticleObj" data-json='{"docId": "TA43659",
"cdsLocale": "en_US",
"imgSrc": "",
"akamaiUrl": "https://km.support.apple.com",
"strTitle": "AFP Passwords and User Authentication Methods",
"strLocale": "en_US",
"omniturePageName": "acs::kb::dl::ta43659::afp passwords and user authentication methods",
"metaUrl": "",
"baseLink": "https://km.support.apple.com/kb/",
"reportLink": "https://support.apple.com",
"lcl": "en_US",
"localeParam": "en_US",
"viewLocale": "null",
"domainName": "0",
"archive": "true",
"enableAffectedProductPortlet": "false",
"configHeaderFooterLocale": "en_US",
"strCategoryListRefKeys": "",
"lastModifiedDate": "2012-02-18",
"creationDate": "1990-06-17",
"publishedDate": "Sat, 18 Feb 2012 03:57:21 GMT",
"publishedDateHeader": "Sat, 18 Feb 2012 03:57:21 GMT",
"oldInquiraID": "",
"articleNo": "TA43659",
"strChannel": "LEGACY",
"isOmnitureSupported": "true",
"referringPage": "unknown",
"messageResourcesArticleTempEmail": "Email Download Link",
"messageResourcesArticleTempDown": "Download",
"ACStaticText": "{\"more\": \"…more\", \"less\": \"less\" }"
}'>

<div class="footer-wrapper">

</div>


</html>