How to Secure Passwords?

Discussion in 'Windows' started by GreenGrass, Jul 24, 2008.

  1. GreenGrass

    GreenGrass New Member

    Joined:
    Jul 5, 2008
    Messages:
    123
    Likes Received:
    8
    Trophy Points:
    0
    Location:
    Norway
    What is the Weakness to Password and Username?

    How can we prevent unauthorized poeple to get access to your account. How can we secure it? Well Password and Username is an old verify identity of an user account. Only the person so are the owner of the account have the password but is it really safe? There i all the time weakness in all kinda systems. There are many threats so can be used to attack this kinda account system to gain access. If the password isn't encrypted this is a very big risk since people can gain unauthorized access with just sniffing around in the network. So you should have all the password encrypted on the system.

    Another risk with password and username is that when they if the passwords is weak its can be very easy to crack it. How can i avoid that? Well make a strong password. Strong Password is from 8 - 16 characters long. As everyone know a Brute Force Attack wont stop before it have the right password. So how can we get protected against this kinda attack? Well lets say you have 5 tryes to log into the account. If you have gone over that limte the account will be locked down or you must wait like 1 hour befor you can try again. This is the best protection against Cracking attacks.


    When you are ect going to secure a School Network there is alot of things you should think about. Ect you should make it like a rule that after 3 weeks everyone must choose a new password. Since its may be a lot of password so other poeple may get access to so they can log into other accounts. Also you should lock down important Functions on the system so Normal users shouldn't have access to like "Command Prompt", and other stuffs so can be used to do things they shouldn't do. You should set up limited account to every student so they haven't access to the whole computer.

    You should also limited to use of the Internet. Lets say they only have access to specific internet pages they may go to. Also block sites like Games and stuff. Also its very important to monitor where they are going on the Internet and what they are doing. So may be it will be smart to install Keylogger on every computer. If people are doing something wrong on the computer you should lock them away from the computer for a while. Just so they know that you are the boss lol. :p

    What is Encryption?

    This is an Techniques so is used to secure Sensitive Informations so you don't want to go in the wrong hands. Important information is etc. "Password" and "Usernames" If they are encrypted no one can read them without access to read them. Lets say you must in Administrator account to read the Encrypted files. This is very good way to prevent Sniffing attacks.
     
  2. XXxxImmortalxxXX

    XXxxImmortalxxXX New Member

    Joined:
    Jun 27, 2007
    Messages:
    561
    Likes Received:
    19
    Trophy Points:
    0
    nice article but




    you can still bypass command promp once u get access u can then get full access to the pc



    you can always use a proxy and if they bann certain ones just make ur own proxy


    as for the passwords you can decrypt them using certain passwords for instance NT/XP pc passwords are stored under SAM ("security accounts manager") and any hacker can gain access to it and use cain and able to decrypt it or any other program that does it



    Other than that i like this article
     
  3. GreenGrass

    GreenGrass New Member

    Joined:
    Jul 5, 2008
    Messages:
    123
    Likes Received:
    8
    Trophy Points:
    0
    Location:
    Norway
    Thanks for a good reply XXxxImmortalxxXX :D
     
  4. XXxxImmortalxxXX

    XXxxImmortalxxXX New Member

    Joined:
    Jun 27, 2007
    Messages:
    561
    Likes Received:
    19
    Trophy Points:
    0
  5. faizulhaque

    faizulhaque New Member

    Joined:
    May 23, 2008
    Messages:
    210
    Likes Received:
    3
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Karachi
    Home Page:
    http://www.google.com
  6. Aqeel

    Aqeel New Member

    Joined:
    Aug 7, 2008
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    you can use hash function on password to secure your password. you can also apply key to encrypt your secret information like password, so that you can secure your secret information from hack or crack.
     
  7. rider

    rider New Member

    Joined:
    Jul 10, 2008
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    0
    Home Page:
    http://hacked.ro
    nice one GreenGrass but if ... lets just say that i have entered in your server and i got Administrator/root access and i install a rootkit .. after that you can change the password once in a day .. i`m still inside. The best way to avoid hack/crack is :
    In Windows - avoid porn sites , "free stuff" sites , warez sites and all the sites from that category.
    - keep the computer updated, firewall ON, and a good up to date antivirus
    -websites made with a vulnerable php script
    In Linux : - with linux is 90% probably to get cracked with some simple ssh/ftp brute-forcers
    - old openssl versions are vulnerable for few exploits
    - samba vulnerabilityes
    - php sites made with vulnerable php scripts (hosting servers)
    - other vulnerabilityes
    In Linux the best way to avoid this kind of hack/crack is to change the operating system to freeBSD or SunOS :)
     
  8. ban1414

    ban1414 New Member

    Joined:
    Oct 25, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    0
    before it have the right password

    Another risk with password and username is that when they if the passwords is weak its can be very easy to crack it. How can i avoid that? Well make a strong password. Strong Password is from 8 - 16 characters long. As everyone know a Brute Force Attack wont stop before it have the right password. So how can we get protected against this kinda attack? Well lets say you have 5 tryes to log into the account. If you have gone over that limte the account will be locked down or you must wait like 1 hour befor you can try again. This is the best protection against Cracking attacks.


    When you are ect going to secure a School Network there is alot of things you should think about. Ect you should make it like a rule that after 3 weeks everyone must choose a new password. Since its may be a lot of password so other poeple may get access to so they can log into other accounts. Also you should lock down important Functions on the system so Normal users shouldn't have access to like "Command Prompt", and other stuffs so can be used to do things they shouldn't do. You should set up limited account to every student so they haven't access to the whole computer.
     
  9. happyz

    happyz New Member

    Joined:
    Nov 18, 2008
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    0
  10. Dak914

    Dak914 Member

    Joined:
    May 3, 2008
    Messages:
    48
    Likes Received:
    5
    Trophy Points:
    8

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice