This procedure allows the hacker to crack the passwords at his leisure and in the safety of his own computer lab. The hacker will save a system’s password and shadow files to a remote location. “No” because an intruder who has attained administrative access can use some powerful tools to crack the passwords on your system. It’s then up to the administrator to investigate the matter. This lockout triggers intruder detection alerts and notifies system administrators that something suspicious has happened. Random password guesses result in account lockout after a limited number of incorrect attempts. “Yes” because complex passwords prevent a hacker from guessing your password either across the network or locally on a system. The question is, “Is all that complexity enough to protect us from hackers?” The answer, to further complicate matters, is “Yes” and “No.” And, we’re discouraged from using the same password for every account. Password policies designed by well-meaning system administrators dictate the required number of characters and the complexity of passwords, but is that dictated complexity enough to protect user accounts from hackers? We’re told to create passwords that are “easy to remember but hard to guess.” We’re instructed to choose passwords that contain upper- and lowercase letters, that include numbers, and that have a few alternative characters as well.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |