Educate users about strong passwords
General concepts in security escape most end users, pointy-haired bosses, and other decision-makers, and even some junior administrators. While the more senior technologists may not ever hope to get them to relate to the finer points of DMZs and VLANs, we should at least continue to push and educate in the area of passwords.
Cracking passwords is incredibly easy. I learned how to crack passwords only days after I figured out how to get Linux to recognize my dialup modem. My 14-year-old brother taught me. A user with a recent Pentium-class desktop can launch a brute-force password attack that can try upwards of 10 million word variations per second. Keep in mind that an attacker needs only one match, one IP address, and one rootkit or other privilege escalation routine to make your life a living hell.
By Brian Jones at Linux.com