Topic for debate: changing passwords | by nix | 2005-05-16 11:03:40
My understanding | by psychoi3oy | 2005-05-16 11:15:16
is that an attacker could copy /etc/shadow (or other encrypted password file) to his local (or another) machine and then begin brute forcing it. Depending on a lot of things, brute forcing can take up to $timeperiod, such that if you change root (or other privileged user) passwords in $timeperiod-1 or smaller, the brute force will only result in having the old password.
Then there's the nefarious internal attacks. Changing privileged user passwords (and deleting old accounts) regularly can help keep up with turnover of people within an organization, such that disgruntled former employees no longer have access. In some organizations the turnover is significant, in others not so much. I would surmise that any smart person recently fired from somewhere won't immediately attack his/her former workplace because of the obviousness of who/where it might be coming from. Changing the major passwords after layoffs is a good idea.
It ultimately comes down to attempting to stay at least one step ahead of any theoretical attackers, and changing the passwords on a ($bruteforcetime/2) - 1 timescale can help, especially if you don't know someone has a copy of your PW files. $bruteforcetime is of course increased greatly for longer passwords, more complex characters, etc.
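The offline attack psychoi3oy describes, as an added example that is not part of the original thread: a constructed copy of a shadow file is parsed, each crackable entry is brute forced with the stored salt, and the post's ($bruteforcetime/2) - 1 rule is turned into a rotation interval from keyspace size and guess rate. The "$sim$" hash scheme (one round of salted SHA-256), the sample accounts and passwords, and the guess rate are all assumptions made for this example; a real shadow file uses crypt(3) schemes such as "$6$" (SHA-512 crypt with thousands of rounds), which is far slower per guess.

```python
import hashlib
import itertools
import string

# Constructed example for this thread, not code from the original post.
# "$sim$" is an assumed stand-in for crypt(3), chosen so the example runs
# quickly; it is NOT a real shadow hash scheme.

ALPHABET = string.ascii_lowercase + string.digits   # 36-character keyspace


def sim_hash(salt: str, password: str) -> str:
    """Stand-in for crypt(3): $sim$<salt>$<hex SHA-256 of salt+password>."""
    digest = hashlib.sha256((salt + password).encode()).hexdigest()
    return f"$sim${salt}${digest}"


def shadow_line(user: str, salt: str, password: str, lastchg: int = 12920) -> str:
    """Build one /etc/shadow-format record: user:hash:lastchg:min:max:warn:::"""
    return f"{user}:{sim_hash(salt, password)}:{lastchg}:0:99999:7:::"


# Constructed copy of a shadow file, as an attacker might have taken it.
STOLEN_SHADOW = "\n".join([
    shadow_line("root", "Qx7z", "abc"),   # weak old root password
    "daemon:*:12920:0:99999:7:::",        # locked account: nothing to crack
    shadow_line("alice", "h1Ak", "zz9"),
])


def parse_shadow(text: str) -> dict:
    """Return {user: hash_field} for entries that actually hold a hash."""
    entries = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 2:
            continue
        user, hashed = fields[0], fields[1]
        if hashed in ("*", "!", "!!", ""):   # locked or passwordless: skip
            continue
        entries[user] = hashed
    return entries


def verify(hashed: str, candidate: str) -> bool:
    """Recompute the hash with the stored salt and compare to the stored value."""
    _, scheme, salt, _digest = hashed.split("$")
    if scheme != "sim":
        raise ValueError(f"unsupported scheme ${scheme}$ (example only knows $sim$)")
    return sim_hash(salt, candidate) == hashed


def brute_force(hashed: str, alphabet: str, max_len: int):
    """Offline search of every string of length 1..max_len; returns (password, guesses)."""
    guesses = 0
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(chars)
            if verify(hashed, candidate):
                return candidate, guesses
    return None, guesses


def keyspace(alphabet_size: int, max_len: int) -> int:
    """Number of candidates of length 1..max_len over an alphabet of that size."""
    return sum(alphabet_size ** k for k in range(1, max_len + 1))


def rotation_days(space: int, guesses_per_second: float) -> float:
    """The post's rule of thumb: rotate every ($bruteforcetime/2) - 1 days.
    Clamped at 0, which means the keyspace is too small for rotation to help."""
    crack_days = space / guesses_per_second / 86400
    return max(0.0, crack_days / 2 - 1)


if __name__ == "__main__":
    for user, hashed in parse_shadow(STOLEN_SHADOW).items():
        pw, tried = brute_force(hashed, ALPHABET, max_len=3)
        print(f"{user}: recovered {pw!r} after {tried} guesses")

    # root changed the password (and got a fresh salt) after the copy was
    # taken, so the cracked value is stale against the live system.
    new_root = parse_shadow(shadow_line("root", "Pv3m", "abd"))["root"]
    print("old root password still valid:", verify(new_root, "abc"))

    rate = 1e6   # assumed guesses per second for the stand-in hash
    for size, length in ((36, 3), (62, 8), (95, 12)):
        days = rotation_days(keyspace(size, length), rate)
        print(f"alphabet {size}, length <= {length}: rotate every {days:.1f} days")
```

The 36-character, 3-character keyspace cracks in a fraction of a second, so the rotation interval clamps to zero: no rotation schedule rescues a password that short. At 62 characters and length 8 the same rule gives an interval measured in years, which is the "$bruteforcetime is increased greatly for longer passwords" point in numbers.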
If the attacker stole your password file once | by nix | 2005-05-16 11:44:26
Rest of my response | by nix | 2005-05-16 12:15:31
This is why security has to be multi-layered. | by Didactylos | 2005-05-16 12:37:22