A secure network to prevent unauthorised access to password stores in the first place, and to prevent the bad guys acquiring a bot-net at all.
Really secure data should be stored/transmitted using security that is not currently breakable even with all the computing power in the world for a month of Sundays. Unfortunately, we are rapidly reaching the end of life for a number of very common algorithms (MD5, SHA1 for example). DES and anything less than 56-bit was rendered useless a long while ago.
But for really useful security, you have to look at reducing permissions. It does the bad guys no good at all if they spend huge resources on a single password, only to get Joe Bloggs' timesheet and Solitaire score.
I still believe even a large bot-net would need months to get a result from a strong password. A weak password doesn't need a bot-net. Pocket calculator, more like.