The strength of a cryptographic solution is not recommended to be into the obscurity of the algorithm, the most useful and most hard to break solutions are public algorithms, which everybody can see, for example PKI, CAST, PGP, all them are public.
So.. the obvious hard point of a security system is a strong password, they part of the mechanism that no other knows. The password could be interpreted as something you know, you have, something that uniquely identifies you or a combination of these. The Solaris password can have up to 255 different characters, numbers and special characters.
But taking in consideration just a password (something you know) i would like to share some best practices in Linux.
DON’T DO THIS
- A password of less than 8 characters is easily breaked by brute force attack. You can set the PASS_MIN_LENGTH in /etc/login.defs file to force long enough passwords.
- Don’t use words that can be found in a dictionary or encyclopedia of any existing language, a good technique would be to input the password in “google” and see if something was found
- Don’t use any personal detail (phone, ages, names, etc).
- Any combination of these.
THESE METHODS ARE MORE EFFECTIVE:
- Replace letters with numbers, for example “3″ for “e”, “4″ for “A”, “7″ for “T”.
- Create a mnemonic from a phrase only you know, for example “i like linux and security” would be converted in “illas”, add some numbers and your password would be secure, remember to use a larger than 8 digits password.
- Mix uppercase and lowercase letters
- Use special characters: “-”, “!”, “:”, “@”.
In Solaris it is possible to create secure passwords with the “mkpasswd” utility.
# mkpasswd -l 20
jnXbrScbzbtnwqg99hho
1 user commented in " A strong Unix Password "
Follow-up comment rss or Leave a TrackbackReally good post. i wrote a similar article regarding this subject [Google warns regarding week password]. for more details pleae visit here
http://suresh-mobileweb.blogspot.com/2008/06/google-warns-against-weak-passwords.html
Leave A Reply