TAILIEUCHUNG - Password Assessment and Management

Password Assessment and Management, Security Essentials, The SANS Institute. Information Assurance Foundations - SANS 2001

This module will address password security. Although user names and passwords are a familiar technology, most people are not aware of the inherent weaknesses in many of the different password-based authentication schemes in use today. These weaknesses are important to understand, since many networks would be compromised if passwords on just a few key machines (such as firewalls, DNS servers, or Windows domain controllers) were known to an attacker.

Many of us remember how, in the movie Wargames, a teenager breaks into the government's supersecret WOPR computer by guessing the username and password of the scientist who created WOPR's software. The teen researched publicly available information about the scientist and guessed that the man's password was the name of his young son, Joshua. That familiar example illustrates exactly why it is important not to use words or names that might be associated with a person as passwords: these values can be guessed by an attacker. Further, most of us are aware that we shouldn't use passwords that are too short (because all character combinations can be easily tried) or write passwords on a sticky note and put the note under the keyboard.
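
The two rules of thumb above can be expressed as a password-acceptance check; this is an added example, not part of the original module. The guess rate, the one-year floor, the substitution table and the sample words are assumptions chosen for illustration.

```python
import re
import string

GUESS_RATE = 1_000_000_000      # assumed guesses per second (constructed figure)
MIN_SECONDS = 365 * 24 * 3600   # assumed policy floor: one year of exhaustive search

# Undo common character substitutions before comparing ("j0shu@" -> "joshua").
LEET = str.maketrans("@4301$5!7", "aaeoissit")


def normalize(text):
    """Lower-case, reverse common substitutions, and drop non-letters."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def alphabet_size(password):
    """Number of symbols an exhaustive search must cover for this password."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(c) for c in classes if any(ch in c for ch in password))


def exhaustive_search_seconds(password):
    """Time to try every string up to the password's length at GUESS_RATE."""
    n = alphabet_size(password)
    keyspace = sum(n ** k for k in range(1, len(password) + 1))
    return keyspace / GUESS_RATE


def audit(password, associated_words):
    """Return the reasons a password should be rejected (empty list = accept)."""
    findings = []
    folded = normalize(password)
    for word in associated_words:
        w = normalize(word)
        # Ignore fragments too short to be meaningful; also test the reversed word.
        if len(w) >= 3 and (w in folded or w[::-1] in folded):
            findings.append(f"derived from associated word: {word}")
    if exhaustive_search_seconds(password) < MIN_SECONDS:
        findings.append("all combinations can be tried within the policy window")
    return findings


# Constructed sample: words publicly associated with the account owner.
WORDS = ["Joshua", "WOPR"]

if __name__ == "__main__":
    for candidate in ["Joshua", "j0shu@2001", "zq7!", "kT7#vq9Lw2xZ"]:
        print(candidate, audit(candidate, WORDS))
```

Note that "j0shu@2001" passes the length test yet is still rejected: padding or substituting characters in an associated name does not remove the association.
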
But beyond this basic understanding, can we quantify what makes a password difficult to guess when a computer is used as the guessing engine? It turns out that the sometimes non-intuitive answer depends on the particular method used to protect the sensitive information. In this module we will explore how and why we strive to protect passwords on the following two levels:

1. The password files should be protected from reading or theft.
2. It should be computationally infeasible (ideally) for an attacker to guess the password values, even given the password files.

If an attacker does manage to obtain a copy of a password file, we do not want him to be able to use the information contained therein to
