[Dshield] Password Strength

Johannes B. Ullrich jullrich at euclidian.com
Mon Oct 18 03:34:42 GMT 2004


> Anything else? Is there any sites/tools to test a password's relative
> strength?  So far all I know of is crack.

your criteria look reasonable. A couple suggestions:

- switch to key based ssh authentication, which will allow you to limit
access easily to a given IP block.
- you have to monitor your logs for brute forcing.

my favorite root password generator:

head -c100  /dev/random | uuencode -m -

now just copy/past a substring...

BTW: Make sure that you use a password cipher that supports >8 char
passwords.

-- 
Johannes Ullrich                     jullrich at euclidian.com
contact: http://johannes.homepc.org/contact.htm

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20041017/8c0630a3/attachment.bin


More information about the list mailing list