Saturday 16 November 2019

How to Change Account Passwords on Linux


Passwords have been a keystone of account security for 60 years, predating Unix by nearly a decade. Learn how to use either the command line or the GNOME desktop environment to manage your passwords in Linux.

How to Choose a Strong Password

The computer password was born from necessity. With the advent of multiuser time-sharing computer systems, the importance of separating and protecting people’s data became apparent, and the password solved that problem.

Passwords are still the most common form of account authentication. Two-factor and multifactor authentication enhance password protection, and biometric authentication provides an alternative method of identification. However, the good old password is still with us and will be for a long time to come. This means you need to know how best to create and use passwords. Some of the older practices are no longer valid.

Here are some basic password rules:

  • Don’t use passwords at all: Use passphrases instead. Three or four unrelated words connected by punctuation, symbols, or numbers make a passphrase that is much harder to crack than a string of gobbledygook or a password with vowels swapped out for numbers.
  • Don’t re-use passwords: Don’t use the same password twice, whether on the same system or on different systems.
  • Don’t share your passwords: Passwords are private. Don’t share them with others.
  • Don’t base passwords on personally significant information: Don’t use family members’ names, sports teams, favorite bands, or anything else that could be socially engineered or deduced from your social media.
  • Don’t use pattern passwords: Don’t base passwords on patterns or positions of keys, such as qwerty, 1q2w3e, and so on.

Password expiration policies are no longer best practice. If you adopt strong, secure passphrases, you’ll only have to change them if you suspect they’ve been compromised. Regular password changes inadvertently promote poor password choices because many people use a base password and just add a date or digit to the end of it.

The National Institute of Standards and Technology has written extensively on passwords and user identification and authentication. Their comments are publicly available in Special Publication 800-63-3: Digital Authentication Guidelines.

The passwd File

Historically, Unix-like operating systems stored passwords, along with other information regarding each account, in the “/etc/passwd” file. Today, the “/etc/passwd” file still holds account information, but the hashed passwords are held in the “/etc/shadow” file, which has restricted access. By contrast, anyone can look at the “/etc/passwd” file.

To peek inside the “/etc/passwd” file, type this command:

less /etc/passwd
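
As an added example (not from the original article), this small audit flags accounts in a passwd-format file whose password field is anything other than the `x` placeholder that points to “/etc/shadow”, and checks whether a file is world-readable. The function names and sample entries are constructed for illustration; the script relies on the standard seven-field passwd layout, in which the second field is the password.

```sh
#!/bin/sh
# Added example. Fields: name:password:UID:GID:GECOS:home:shell

# audit_passwd FILE: report every entry whose password field is not "x".
audit_passwd() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                         # comments, blank lines
        NF != 7      { printf "MALFORMED line %d\n", NR; next }
        $2 == "x"    { next }                           # hash is in the shadow file
        $2 == ""     { printf "EMPTY %s\n", $1; next }  # no password required
        $2 ~ /^[*!]/ { printf "LOCKED %s\n", $1; next } # password login disabled
                     { printf "HASH_IN_PASSWD %s\n", $1 } # hash readable by anyone
    ' "$1"
}

# world_readable FILE: succeeds if "other" has read permission on FILE.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# make_sample FILE: write constructed passwd entries (not from a real system).
make_sample() {
    cat > "$1" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
legacy:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:1001:1001::/home/legacy:/bin/sh
guest::1002:1002:Guest:/home/guest:/bin/sh
broken:x:1003
EOF
}

# Demonstration on the constructed sample.
tmp=$(mktemp) && make_sample "$tmp" && audit_passwd "$tmp"
rm -f "$tmp"
```

To audit a real system, run `audit_passwd /etc/passwd` and `world_readable /etc/shadow`; the second check should fail, because the shadow file must not be readable by ordinary users.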




from How-To Geek https://ift.tt/2NQxroN
