| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Build a Web Interface to Allow Users to Change their Passwords The purpose of this paper is to show you (the System Administrator) how to break free from the mundane task of periodically changing user passwords (in keeping with good security practices from GIAC Security Essentials). This document is designed to show you step-by-step how to build a web page for users to update their passwords on a UNIX or Windows server, easily, securely and without spending too much money on software! You'll need to be a little resourceful gathering the mostly free and a little commercial software, understanding basic shell programming, and knowing a little about compiling/installing UNIX software.
By Unknown, 03/24/2004
|
|
L is for Login This paper will look at login commands, authentication mechanisms, passwords and password management programs used in several UNIX platforms, highlighting aspects of Solaris 8 and Red Hat Linux (RH) 7.3.
By Carolee L. Rand, 03/24/2004
|
|
Passwords are DEAD! (Long Live Passwords?) Following a brief history and definition of passwords, this paper will show three properties of passwords that render passwords risky or unsuitable for use. Suggestions for mitigating risk from these properties is covered briefly. Current attacks on passwords, illustrated by a simple experiment, and future trends in computing that will obsolete password use are highlighted. A short description of a risk analysis as applied to authentication is sketched out and pointers are given to alternative forms of authentication.
By David Beverstock, 03/24/2004
|
|
The Simplest Security: A Guide To Better Password Practices Passwords are simpler and cheaper than other, more secure forms of authentication like special key cards, fingerprint ID machines, and retinal scanners. They provide a simple, direct means of protecting a system or account. For the sake of this article, we'll define a "password" as a word, a phrase, or combination of miscellaneous characters that authenticates the identity of the user. Passwords are generally used in combination with some form of identification, such as a username, account number, or e-mail address. While a username establishes the identity of the user for the computer or system, the password, which is known only to the authorized user, authenticates that the user is who he or she claims to be. This means that their function is to "prove to the system that you are who you say you are" (Russell).
By Sarah Granger, 03/22/2004
|
|
Password Crackers - Ensuring the Security of Your Password Strong, secure passwords are a cornerstone of an effective security strategy. Passwords ensure that only authorized personnel will be able to gain access to a system or network. Unfortunately this is not always the case. Passwords are usually invented and implemented by the individuals who are utilizing the computer or the network. The words, symbols, dates that make up the password usually have some personal meaning to the user so that the he or she can easily remember it. Herein lies the problem. Many users will place priority on convenience over security. As a result, they choose passwords that are relatively simple. While this helps them to recall the password when it comes time to logon - it also makes the password much easier for hackers to crack. Potential hackers will probe your network looking for the weak link that will give them entry. The most notorious and the easiest to exploit is a weak password. The first line of security defense thus becomes one of the weakest.
By A. Cliff, 03/22/2004
|
|
The Problems with Passwords Most current password systems for the Internet are flawed. Designs that were almost acceptable 10 and 15 years ago have not been updated. Instead of moving to integrating authentication services under a cryptographically sound approach the IT industry has continued to proliferate multiple incompatible systems. Users are increasingly exposed by suppliers who feel no pressure to do anything better. There are parallels with the situation where web site page design methods are increasingly being rejected by security software because they represent known security weaknesses that have been exploited by hackers and viruses.
By ArticSoft Ltd, 03/22/2004
|
|
Passwords: Simple yet effective Simple techniques for users to generate effective passwords that are comparatively easy to remember. Contents at a glance include: choosing a password, stronger passwords (pseudo-random techniques), managing your password and password policies for small organizations.
By DR ODriscoll, 03/21/2004
|
|
Options for Secure Personal Password Management Most consumers will, against the advice of security experts, use weak passwords, reuse one or two passwords for everything, write their passwords down, or all of the above, simply in an attempt to retain their sanity. This situation is even worse for a system administrator, information security officer or IT consultant. People in these positions not only have to deal with many more systems, but typically choose strong (e.g. hard to remember) passwords, and select different ones for each system.
By Hugh T. Ranalli, 02/18/2004
|
|
Page: 1 2 |
