To system administrators: use the rules. make sure every user uses a password. limit the number of people who know the root password, to at least one more than yourself, but not too many. use the root account only when performing system administration work.
A password manager is software that helps a user to manage passwords and important information so that it can be accessed any time and anywhere. An excellent password manager helps to store information securely without compromising safety. All the passwords are saved using some kind of encryption so that they become difficult for others to … Read more
I don’t envy IT administrators and information security managers for many reasons but especially when it comes to the bring your own device (BYOD) movement taking place in business today. With BYOD, you have to trust that your users are making good decisions about security, and you have to figure out how to manage each … Read more
As you start to understand how Ubuntu works, you’ll become more and more aware of commonsense methods that will protect your system. However, we’ll outline a few of these now to get you started: •Entering your password: Be very wary if you’re asked to enter your password (outside of initial login, of course). You’ll be … Read more
Some applications use elaborate login mechanisms involving multiple stages. For example: ■ Entry of a username and password. ■ A challenge for specific digits from a PIN or a memorable word. ■ The submission of a value displayed on a changing physical token. Multistage login mechanisms are designed to provide enhanced security over the simple … Read more
Some applications implement the facility for a privileged user of the application to impersonate other users, in order to access data and carry out actions within their user context. For example, some banking applications allow helpdesk operators to verbally authenticate a telephone user and then switch their application session into that user’s context in order … Read more
Applications often implement “remember me” functions as a convenience to users, to prevent them needing to reenter their username and password each time they use the application from a specific computer. These functions are often insecure by design and leave the user exposed to attack both locally and by users on other computers: ■ Some … Read more
Like password change functionality, mechanisms for recovering from a forgotten password situation often introduce problems that may have been avoided in the main login function, such as username enumeration. In addition to this range of defects, design weaknesses in forgotten password functions frequently make this the weakest link at which to attack the application’s overall … Read more
SHADOW FILE In Unix-like operating systems, /etc/shadow is used to increase the security level of passwords by restricting all but highly privileged users’ access to hashed password data. Typically, that data is kept in files owned by and accessible only by the super user. DESIGN Systems administrators can reduce the likelihood of brute force attacks … Read more
Executing SQL Statements from a Text File The mysql client typically is used interactively, like this: shell> mysql db_name However, it is also possible to put your SQL statements in a file and then tell mysql to read its input from that file. To do so, create a text file text_file that contains the statements … Read more