Shodor Network Security Protocols

A Few Words on Passwords

Remember that the most important step in keeping malicious individuals from compromising the machine is to keep them from logging in. Most methods of compromising a machine start by assuming that the hacker already has a user account. If the hacker has your login password, your account can be used to compromise the machine. The single most important thing we can do to keep our server secure is to protect our login passwords.

For that reason, any password that can be passed in clear text, or over a poorly encrypted method such as WEP on wireless networks, should be different from the login password. This includes your APOP email password and any htaccess passwords on the website. This can also include AppleTalk connections to an insecure server.

It is also important that passwords are not easy to guess. There are many commercial programs available that will attempt to guess passwords by making combinations of dictionary words. The best passwords are random and include a mixture of numbers, letters, special characters, and case. Passwords should be 8 characters in length. Examples are x$5sD!#8 and cVn&3dt0.
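
The password guidance above, expressed as a checker and a generator. This is an added example, not part of the original page. The special-character set, the small sample word list and the reading of 8 characters as a minimum are assumptions.

```python
import secrets
import string

LENGTH = 8  # the page's stated length, treated here as a minimum (assumption)
SPECIALS = "!#$%&*@?"  # assumed special-character set; the page does not list one
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS)
# Constructed sample word list; a real check would load a full dictionary file.
WORDS = {"pass", "word", "blue", "fish", "love", "star", "moon", "king"}


def char_classes(pw):
    """Count how many of the four classes (lower, upper, digit, special) appear."""
    return sum(any(c in cls for c in pw) for cls in CLASSES)


def is_word_combo(pw, words=WORDS):
    """True if pw, lowercased with digits and punctuation trimmed from both ends,
    splits entirely into dictionary words (the guessing pattern described above)."""
    core = pw.lower().strip(string.digits + string.punctuation)
    if not core:
        return False
    # reachable[i] is True when core[:i] is a concatenation of dictionary words
    reachable = [True] + [False] * len(core)
    for i in range(1, len(core) + 1):
        reachable[i] = any(reachable[j] and core[j:i] in words for j in range(i))
    return reachable[-1]


def check(pw):
    """Return the list of rules the password breaks; empty means it passes."""
    problems = []
    if len(pw) < LENGTH:
        problems.append("length")
    if char_classes(pw) < 4:
        problems.append("classes")
    if is_word_combo(pw):
        problems.append("dictionary")
    return problems


def generate():
    """Draw from the OS CSPRNG until the result passes every rule in check()."""
    alphabet = "".join(CLASSES)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(LENGTH))
        if not check(pw):
            return pw
```

`check("Password1!")` returns `["dictionary"]`: it satisfies the length and character-mix rules yet is still two dictionary words with a suffix, which is why the guessability rule is checked separately.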