Red Hat ENTERPRISE LINUX 3 - INTRODUCTION TO SYSTEM ADMINISTRATION Administration Manual page 129

Chapter 6. Managing User Accounts and Resource Access
6.1.2.1. Weak Passwords
As stated earlier, a weak password fails one of these three tests:
It is secret
It is resistant to being guessed
It is resistant to a brute-force attack
The following sections show how passwords can be weak.
6.1.2.1.1. Short Passwords
A password that is short is weak because it is much more susceptible to a brute-force attack. To illustrate
this, consider the following table, where the number of potential passwords that would have to be
tested in a brute-force attack is shown. (The passwords are assumed to consist only of lower-case
letters.)
Password Length    Potential Passwords
1                  26
2                  676
3                  17,576
4                  456,976
5                  11,881,376
6                  308,915,776
Table 6-1. Password Length Versus the Number of Potential Passwords
As you can see, the number of possible passwords increases dramatically as the length increases.
Note
Even though this table ends at six characters, this should not be construed as recommending that
six-character passwords are sufficiently long for good security. In general, the longer the password,
the better.
6.1.2.1.2. Limited Character Set
The number of different characters that can comprise a password has a large impact on the ability of
an attacker to conduct a brute-force attack. For example, instead of the 26 different characters that can
be used in a lower-case-only password, what if we also used digits? That would mean each character
in a password could be one of 36 characters instead of just one of 26. In the case of a six-character
password, this increases the number of possible passwords from 308,915,776 to 2,176,782,336.
There is still more that can be done. If we also include mixed-case alphanumeric passwords (for
those operating systems that support it), the number of possible six-character passwords increases to
56,800,235,584. Adding other characters (such as punctuation marks) further increases the number of
possible passwords, making a brute-force attack that much more difficult.
However, one point to keep in mind is that not every attack against a password is a brute-force attack.
The following sections describe other attributes that can make a weak password.
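The length and character-set arithmetic from the two sections above, as an added example that is not part of the original manual: it reproduces the figures in Table 6-1 and works out how long a password must be, for a given character set, to reach a chosen search-space size. The function names and the 64-bit target are assumptions made for illustration, and the result is only an upper bound on attacker effort, since not every attack is a brute-force attack.

```python
import math
import string

# Character classes named in the section; sizes are 26, 26, 10 and 32.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def alphabet_size(password):
    """Size of the smallest union of classes that covers every character."""
    if not password:
        raise ValueError("empty password")
    for ch in password:
        if not any(ch in cls for cls in CLASSES):
            raise ValueError(f"character {ch!r} is outside the modelled classes")
    return sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))

def keyspace(alphabet, length):
    """Candidates of exactly this length (the figures in Table 6-1)."""
    return alphabet ** length

def cumulative_keyspace(alphabet, max_length):
    """Candidates when every shorter length has to be tried as well."""
    return sum(alphabet ** n for n in range(1, max_length + 1))

def min_length(alphabet, target_bits):
    """Shortest length whose keyspace reaches 2**target_bits (exact integers)."""
    length = 1
    while alphabet ** length < 2 ** target_bits:
        length += 1
    return length

def audit(password, target_bits=64):  # 64 bits is an assumed policy target
    """Worst-case brute-force figures for one password; an upper bound only."""
    size = alphabet_size(password)
    space = keyspace(size, len(password))
    return {
        "alphabet": size,
        "keyspace": space,
        "bits": round(math.log2(space), 1),
        "meets_target": space >= 2 ** target_bits,
        "min_length_for_target": min_length(size, target_bits),
    }

if __name__ == "__main__":
    for sample in ("secret", "secre7", "Secre7"):  # constructed samples
        print(sample, audit(sample))
```

For a lower-case-only password the 64-bit target is not reached until 14 characters, which puts the six-character end of Table 6-1 in perspective.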