Page 79 - Electronic Mechanic - TP - Volume - 2
P. 79
ELECTRONICS MECHANIC - CITS
• Linux shadow file
• NT Sam file
• Need to locate, choose, and download password crackers
• Need to install programs and let them run
• You will probably NOT be able to get all of the passwords cracked.
• You may assume a the file came from a U.S. system when choosing a dictionary
Protecting against Cracking
• Have a good password policy
• Change them on regular basis (how regular?)
• Lock account after 3 failed attempts
• Password should contain 1 alpha, 1 number, and one special character.
• Dont allow users to reuse previous passwords.
• Password should not be word found in a dictionary. -Consider using pass-phrase.
• Consider use of one-time passwords (most common form is smart-card).
Result: Hence, Demonstration of password cracking is completed.
62
CITS : E & H - Electronics Mechanic - Exercise 135