“Cracking passwords is incredibly easy. I learned how to crack
passwords only days after I figured out how to get Linux to
recognize my dialup modem. My 14-year-old brother taught me. A user
with a recent Pentium-class desktop can launch a brute force
password attack that can try upwards of 10 million word variations
per second. Keep in mind that an attacker needs only one match, one
IP address, and one rootkit or other privilege escalation routine
to make your life a living hell.

“However, good passwords aren’t a panacea, either. We enforce
good passwords where I work, and I’ve had more than one person who,
after changing his password, immediately asked if I had a pen and
paper. That’s right folks, somewhere in the building you work in,
there’s a sticky note stuck to a monitor with a password written on
it for all to see. What’s more, even though you’re a good admin and
shut off all unencrypted means of authentication, it doesn’t
matter, because not everyone else has, and people use the same
passwords all over the place…”
Linux.com: SysAdmin to SysAdmin: Educate Users About Strong Passwords