It cannot be stressed enough how important it is to use strong user passwords and passphrase for your keys. Brute force attack works because you use dictionary based passwords. You can force users to avoid passwords against a dictionary attack and use john the ripper tool to find out existing weak passwords.
Here is a sample random password generator (put in your ~/.bashrc):
--------------------
genpasswd() {
local l=$1
[ "$l" == "" ] && l=20
tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}
--------------------
Run it:
#genpasswd 16
--------------------
uw8CnDVMwC6vOKgW
--------------------
No comments:
Post a Comment
tag ur valuable ideas below