Linux Today: Linux News On Internet Time.


Checking Password Complexity with John the Ripper

Aug 26, 2011, 14:00 (7 Talkback[s])
(Other stories by Ken Hess)

[ Thanks to Ken Hess for this link. ]

"Brute force is a single-character-at-a-time attack on a password file. With a powerful computer and enough time, no password can escape the hacker's relentless attack. Time is important when cracking passwords because the hacker knows that once the victim discovers the compromise, new security measures and password changes rapidly go into effect.

"System administrators need to audit passwords periodically, not only to make sure they comply with password policies, but to ensure that those that do aren't simple enough to be guessed by an outsider.

"For example, if a user chooses to use the password MarklarCo2563, you might conclude that this is a strong password. It is a strong password for someone who isn't employed at The Marklar Company at 2563 Snarkish Way. This is a weak password because it's easily guessed by a hacker attempting to break into The Marklar Company. Similarly, users also wouldn't want to select a password by simply reversing the company name to RalKram2563."

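The weakness described in the excerpt's last paragraph can be tested when a password is set or during an audit. The sketch below is an added example, not code from Ken Hess's article or from John the Ripper; the function name, the term list and the substitution table are assumptions built around the excerpt's fictional company.

```python
import re

# Constructed context terms for the fictional company in the excerpt (assumption).
CONTEXT_TERMS = ["Marklar", "MarklarCo", "Snarkish", "2563"]

# Common character substitutions undone before matching letters (assumed, not exhaustive).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def context_findings(password, terms, min_len=4):
    """Return sorted (term, how) pairs showing which organization-specific
    terms appear in the password: forward, reversed, or as a number."""
    raw = password.lower()
    # Letters-only view with substitutions undone, so "M@rkl4r" reads "marklar".
    letters = re.sub(r"[^a-z]", "", raw.translate(LEET))
    findings = set()
    for term in terms:
        t = term.lower()
        if len(t) < min_len:
            continue  # very short terms would match too many passwords
        if t.isdigit():
            # Numeric terms (street number, year) are matched on the raw text.
            if t in raw:
                findings.add((term, "number"))
            continue
        t = re.sub(r"[^a-z]", "", t)
        if t in letters:
            findings.add((term, "forward"))
        elif t[::-1] in letters:
            findings.add((term, "reversed"))
    return sorted(findings)


if __name__ == "__main__":
    # Constructed candidates: the two from the excerpt plus two others.
    for candidate in ["MarklarCo2563", "RalKram2563", "M@rkl4r!x9",
                      "correct horse battery staple"]:
        hits = context_findings(candidate, CONTEXT_TERMS)
        verdict = "REJECT" if hits else "ok"
        print(f"{verdict:6} {candidate!r} {hits}")
```

A check like this complements a periodic cracking audit: it catches passwords that meet length and character-class rules but are built from facts about the organization.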