Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Windows (http://www.go4expert.com/articles/windows/)
-   -   How to Secure Passwords? (http://www.go4expert.com/articles/secure-passwords-t12408/)

GreenGrass 24Jul2008 16:57

How to Secure Passwords?
 
What is the Weakness to Password and Username?

How can we prevent unauthorized poeple to get access to your account. How can we secure it? Well Password and Username is an old verify identity of an user account. Only the person so are the owner of the account have the password but is it really safe? There i all the time weakness in all kinda systems. There are many threats so can be used to attack this kinda account system to gain access. If the password isn't encrypted this is a very big risk since people can gain unauthorized access with just sniffing around in the network. So you should have all the password encrypted on the system.

Another risk with password and username is that when they if the passwords is weak its can be very easy to crack it. How can i avoid that? Well make a strong password. Strong Password is from 8 - 16 characters long. As everyone know a Brute Force Attack wont stop before it have the right password. So how can we get protected against this kinda attack? Well lets say you have 5 tryes to log into the account. If you have gone over that limte the account will be locked down or you must wait like 1 hour befor you can try again. This is the best protection against Cracking attacks.


When you are ect going to secure a School Network there is alot of things you should think about. Ect you should make it like a rule that after 3 weeks everyone must choose a new password. Since its may be a lot of password so other poeple may get access to so they can log into other accounts. Also you should lock down important Functions on the system so Normal users shouldn't have access to like "Command Prompt", and other stuffs so can be used to do things they shouldn't do. You should set up limited account to every student so they haven't access to the whole computer.

You should also limited to use of the Internet. Lets say they only have access to specific internet pages they may go to. Also block sites like Games and stuff. Also its very important to monitor where they are going on the Internet and what they are doing. So may be it will be smart to install Keylogger on every computer. If people are doing something wrong on the computer you should lock them away from the computer for a while. Just so they know that you are the boss lol. :p

What is Encryption?

This is an Techniques so is used to secure Sensitive Informations so you don't want to go in the wrong hands. Important information is etc. "Password" and "Usernames" If they are encrypted no one can read them without access to read them. Lets say you must in Administrator account to read the Encrypted files. This is very good way to prevent Sniffing attacks.

XXxxImmortalxxXX 25Jul2008 01:05

Re: How to Secure Passwords?
 
nice article but



Quote:


When you are ect going to secure a School Network there is alot of things you should think about. Ect you should make it like a rule that after 3 weeks everyone must choose a new password. Since its may be a lot of password so other poeple may get access to so they can log into other accounts. Also you should lock down important Functions on the system so Normal users shouldn't have access to like "Command Prompt", and other stuffs so can be used to do things they shouldn't do. You should set up limited account to every student so they haven't access to the whole computer.

you can still bypass command promp once u get access u can then get full access to the pc



Quote:

You should also limited to use of the Internet. Lets say they only have access to specific internet pages they may go to. Also block sites like Games and stuff. Also its very important to monitor where they are going on the Internet and what they are doing. So may be it will be smart to install Keylogger on every computer. If people are doing something wrong on the computer you should lock them away from the computer for a while. Just so they know that you are the boss lol.
you can always use a proxy and if they bann certain ones just make ur own proxy


as for the passwords you can decrypt them using certain passwords for instance NT/XP pc passwords are stored under SAM ("security accounts manager") and any hacker can gain access to it and use cain and able to decrypt it or any other program that does it



Other than that i like this article

GreenGrass 25Jul2008 01:11

Re: How to Secure Passwords?
 
Thanks for a good reply XXxxImmortalxxXX :D

XXxxImmortalxxXX 25Jul2008 01:19

Re: How to Secure Passwords?
 
no problem mate

faizulhaque 27Jul2008 15:29

Re: How to Secure Passwords?
 
good Work

Aqeel 7Aug2008 11:53

Re: How to Secure Passwords?
 
you can use hash function on password to secure your password. you can also apply key to encrypt your secret information like password, so that you can secure your secret information from hack or crack.

rider 14Aug2008 21:50

Re: How to Secure Passwords?
 
nice one GreenGrass but if ... lets just say that i have entered in your server and i got Administrator/root access and i install a rootkit .. after that you can change the password once in a day .. i`m still inside. The best way to avoid hack/crack is :
In Windows - avoid porn sites , "free stuff" sites , warez sites and all the sites from that category.
- keep the computer updated, firewall ON, and a good up to date antivirus
-websites made with a vulnerable php script
In Linux : - with linux is 90% probably to get cracked with some simple ssh/ftp brute-forcers
- old openssl versions are vulnerable for few exploits
- samba vulnerabilityes
- php sites made with vulnerable php scripts (hosting servers)
- other vulnerabilityes
In Linux the best way to avoid this kind of hack/crack is to change the operating system to freeBSD or SunOS :)

ban1414 25Oct2008 13:34

before it have the right password
 
Another risk with password and username is that when they if the passwords is weak its can be very easy to crack it. How can i avoid that? Well make a strong password. Strong Password is from 8 - 16 characters long. As everyone know a Brute Force Attack wont stop before it have the right password. So how can we get protected against this kinda attack? Well lets say you have 5 tryes to log into the account. If you have gone over that limte the account will be locked down or you must wait like 1 hour befor you can try again. This is the best protection against Cracking attacks.


When you are ect going to secure a School Network there is alot of things you should think about. Ect you should make it like a rule that after 3 weeks everyone must choose a new password. Since its may be a lot of password so other poeple may get access to so they can log into other accounts. Also you should lock down important Functions on the system so Normal users shouldn't have access to like "Command Prompt", and other stuffs so can be used to do things they shouldn't do. You should set up limited account to every student so they haven't access to the whole computer.

happyz 22Nov2008 19:43

Re: How to Secure Passwords?
 
nice one

Dak914 24Nov2008 06:56

Re: How to Secure Passwords?
 
Kudos.


All times are GMT +5.5. The time now is 02:03.