Password Selection

Password selection is one of those critical activities that are often neglected as part of a good security baseline. The heart of the problem is that most systems today are protected only by a simple user ID and password. If an attacker discovers the right user ID and password combination—either by hand or by using any of the numerous, freely available brute-force attack tools—they are in, and they have completely bypassed all the normal steps taken to secure the system. Worse still, on a server system supporting multiple users, the attacker has to guess only one correct user ID and password combination to gain access.

This basic security challenge exists for every topic we examine in this chapter, from operating systems to ...

Excerpt from CompTIA Security+ All-in-One Exam Guide (Exam SY0-301), 3rd Edition.