tailieunhanh - Hacking FOR DUMmIES phần 4

, bởi vì mọi người có xu hướng lấy mật khẩu từ nghĩa đen và sử dụng các từ chỉ, có thể kém an toàn. Hiển thị những gì có thể xảy ra khi các mật khẩu yếu được sử dụng hoặc mật khẩu được chia sẻ. Siêng năng xây dựng nhận thức người sử dụng của các cuộc tấn công kỹ thuật xã hội. | Chapter 7 Passwords 93 Demonstrate how to create secure passwords. You may want to refer to them as pass codes or pass phrases because people tend to take the word passwords literally and use only words which can be less secure. Show what can happen when weak passwords are used or passwords are shared. Diligently build user awareness of social-engineering attacks. Enforce or encourage the use of a strong password-creation policy that includes the following criteria Use upper- and lowercase letters special characters and numbers. Never use only numbers. These passwords can be cracked quickly. Misspell words or create acronyms from a quote or a sentence. An acronym is a word created from the initials of a phrase. For example ASCII is an acronym for American Standard Code for Information Interchange. Use punctuation characters to separate words or acronyms. Change passwords every 6 to 12 months. Use different passwords for each system. This is especially important for network-infrastructure hosts such as servers firewalls and routers. Use variable-length passwords. This can throw off the hackers because they won t know the required minimum or maximum length of passwords and must try all password length combinations. Don t use common slang words or words that are in a dictionary. Don t use similar-looking characters such as 3 instead of E 5 instead of S or instead of 1. Password-cracking programs can check for this. Don t reuse the same password within 12 months. Use password-protected screen savers. Don t share passwords. Avoid storing user passwords in a central place such as an unsecured spreadsheet on a hard drive. This is an invitation for disaster. Use PGP Password Safe or a similar program to store user passwords. Other considerations Here are some other password-hacking countermeasures that I recommend Enable security auditing to help monitor and track password attacks. Test your applications to make sure they .

TỪ KHÓA LIÊN QUAN