--- ./lib/encrypt.c.orig 2016-02-24 17:50:42.746383093 +0100
+++ ./lib/encrypt.c 2016-02-24 18:06:34.099741188 +0100
@@ -80,8 +80,10 @@
 for (count = 0;count < 10;count++) {
 cp = crypt(clear, salt);
 if (!cp) {
- perror("crypt");
- exit(1);
+ /* Upon error, emit an impossible password so that an
+ * attacker cannot guess valid accounts.
+ */
+ cp = ":::::::::::::";
 }
 if (strlen(cp) != 13)
 return cp;
@@ -101,8 +103,7 @@
 * and set errno to indicate an error. The caller doesn't
 * expect us to return NULL, so...
 */
- perror("crypt");
- exit(1);
+ cp = ":::::::::::::";
 }
 if (strlen(cp) != 13)
 return cp; /* nonstandard crypt() in libc, better bail out */
@@ -112,8 +113,7 @@
 if (strlen (clear) > 8) {
 cp = crypt(clear + 8, salt);
 if (!cp) {
- perror("crypt");
- exit(1);
+ cp = ":::::::::::::";
 }
 strcat(cipher, cp + 2);
 }
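Review bot: In the first hunk (`@@ -80,8 +80,10 @@`), dropping `perror("crypt")` together with `exit(1)` means a crypt() failure at `if (!cp)` now leaves no trace at all, and the same applies to the two later hunks. The errno value is the only evidence that libc rejected the salt or algorithm, so it should be recorded through a channel the authenticating user cannot see before the sentinel is assigned. The sentinel also reaches every caller, none of which are visible here: any caller that stores the result in a password file rather than comparing it would now write a run of `:` field separators where the process used to exit, so such call sites need an explicit check. Defining the literal once, e.g. `#define CRYPT_FAILED ":::::::::::::"`, gives them a name to test against and removes the three copies. The loop body continues outside the hunk.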
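Review bot: In the second hunk (`@@ -101,8 +103,7 @@`), the retained comment still ends in "so...", which used to introduce `exit(1)` and now trails into an unexplained literal. The literal is exactly 13 characters, so it passes the `strlen(cp) != 13` check just below and is processed as standard crypt() output instead of being returned early; whether that is intended should be stated. A suitable comment would be `/* crypt() failed: use a 13-char placeholder that passes the length check below; ':' is outside the traditional crypt() alphabet, so no stored hash can equal it */`. The enclosing function starts and ends outside the hunk.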
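Review bot: In the third hunk (`@@ -112,8 +113,7 @@`), when the first crypt() call succeeded and this second one fails, `strcat(cipher, cp + 2)` appends eleven `:` characters to a genuine hash of the first eight password characters. The result is therefore not the all-colon "impossible password" described in the first hunk's comment. An exact comparison against a stored double-length hash should still fail, but a caller checking for the sentinel cannot recognise this hybrid value. Overwriting the buffer keeps the failure result uniform: `if (!cp) { strcpy(cipher, ":::::::::::::"); return cipher; }`, assuming the function returns `cipher` after this block, which lies outside the hunk.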