

Practical UNIX & Internet Security

Chapter 3: Users and Passwords
 

3.8 Summary

In this chapter we've discussed how UNIX identifies users and authenticates their identity at login. We've presented some details on how passwords are represented and used. We'll present more detailed technical information in succeeding chapters on how to protect access to your password files and passwords, but the basic and most important advice for protecting your system can be summarized as follows:

  • Use one-time passwords if possible.

Otherwise:

  • Ensure that every account has a password.

  • Ensure that every user chooses a strong password.

  • Don't tell your password to other users.
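One way to check the "every account has a password" item, as an added example that is not from the book: the function below lists accounts whose password field is empty. It assumes the common shadow-suite convention (an "x" in field 2 of the passwd file means the hash lives in field 2 of the shadow file); the function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: report accounts that can log in with no password.
# Usage: no_password_accounts PASSWD_FILE [SHADOW_FILE]

no_password_accounts() {
    passwd_file=$1
    shadow_file=${2:-/dev/null}          # no shadow file: check passwd only
    awk -F: '
        /^[ \t]*$/ || /^[ \t]*#/ { next }   # skip blank lines and comments
        NF < 2 { next }                     # skip lines with no password field
        # First file (shadow): remember each account and its hash field.
        pass == 1 { hash[$1] = $2; in_shadow[$1] = 1; next }
        # Second file (passwd): empty field 2 means no password at all.
        $2 == "" { print $1; next }
        # "x" defers to shadow; an empty shadow field is also no password.
        $2 == "x" && in_shadow[$1] && hash[$1] == "" { print $1 }
    ' pass=1 "$shadow_file" pass=2 "$passwd_file"
}

# Write constructed sample files (not real accounts) into directory $1.
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
guest::405:100:guest:/tmp:/bin/sh
alice:x:1001:1001:Alice:/home/alice:/bin/sh
bob:x:1002:1002:Bob:/home/bob:/bin/sh
daemon:*:1:1:daemon:/:/sbin/nologin
EOF
    cat > "$1/shadow" <<'EOF'
root:CONSTRUCTED_HASH:19000:0:99999:7:::
alice::19000:0:99999:7:::
bob:!:19000:0:99999:7:::
EOF
}

sample_dir=$(mktemp -d)
make_sample "$sample_dir"
no_password_accounts "$sample_dir/passwd" "$sample_dir/shadow"
rm -rf "$sample_dir"
```

Entries whose field is "*" or "!" are locked rather than passwordless, so they are not reported.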

Remember: even if the world's greatest computer cracker should happen to dial up your machine, if that person is stuck at the login: prompt, the only thing that he or she can do is to guess usernames and passwords, hoping to hit one combination that is correct. Unless the criminal has specifically targeted your computer out of revenge or because of special information that's on your system, the perpetrator is likely to give up and try to break into another machine.

Making sure that users pick good passwords is one of the most important parts of running a secure computer system.

