2.6. Root Password


The last thing that needs to be done before installing packages is to set the system administrator (root) password (see Fig. 2.7). In Linux, like in Windows XP Professional (not to be confused with Windows XP Home Edition), the system cannot be entered without a password, as can be done in Windows 9x. You have to provide the user name and the password; only then will you be given access to certain areas and functions of the operating system. Exactly which areas and functions you will be allowed to work with depends on your privileges.

Figure 2.7: The Set Root Password dialog window

The installation program only checks to ensure that the password is of a certain length, which should be no shorter than six characters for the administrator. Because the root user has complete system rights, the administrator password must be as difficult to pick as possible.

All computer security specialists unanimously ask their users to use complex passwords, but few of the latter follow those recommendations. Names, meaningful words, birth dates, and the like should not be used for passwords. These passwords can be easily compromised by a simple dictionary-search method and, if there is already a dictionary of likely passwords available, this search will not take long.

It is advisable to generate random passwords containing lowercase and uppercase letters, digits, and other allowed characters. A password should be at least 8 characters long; 12 characters are more desirable. In the latter case, it will take much more time for the hacker to pick it.

When I need to generate a password, I start a word processor (the standard Notepad will do) and randomly hit the keyboard keys, periodically switching between the uppercase and the lowercase options. You may say that a password generated this way is too difficult to remember. I firmly believe it is better to spend a couple of days memorizing a strong password than to lose some important data.

If you don't feel like doing this, there is a simpler method of generating passwords, but the reliability of the passwords generated using it is accordingly lower. You start with some word as a base, "generation," for example. It is sufficiently long, but, on the other hand, can be easily picked using the dictionary method. To make it stronger, replace the original letters with the letters located in the keyboard row above and to the left of them. Using this method, letter "g" is substituted with letter "t," letter "e" is substituted with digit "3," and so on, the resulting password being t3h34q589h. This password is as easy to remember as the starting word, but, at the same time, is more difficult to pick using the dictionary method.

Other variations of this method can be used, like replacing the original letters with the letters to the right of them. Some replacement letters can also be uppercase, which makes the password twice as difficult to pick.

As you can see, the method is surprisingly simple, but the passwords it produces are sufficiently difficult to pick.
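The substitution described above, written out as an added example (not code from the book). It assumes a US QWERTY layout; the function names and the small word list are hypothetical. Because the mapping is a fixed table, the same table also gives a password-quality check that recognizes a shifted dictionary word, including the variant with some letters in uppercase.

```python
# Added example: keyboard-shift substitution on a US QWERTY layout (assumed).
# Rows as they sit on the keyboard; each row is staggered to the right of the
# one above, so the key at the same index one row up is "above and to the left".
ROWS = ["1234567890-=", "qwertyuiop[]", "asdfghjkl;'", "zxcvbnm,./"]

def _table(direction):
    """Build a character map for one shift direction."""
    table = {}
    for r, row in enumerate(ROWS):
        for i, key in enumerate(row):
            if direction == "up-left" and r > 0:
                table[key] = ROWS[r - 1][i]
            elif direction == "right" and i + 1 < len(row):
                table[key] = row[i + 1]
    return table

TABLES = {d: _table(d) for d in ("up-left", "right")}

def shift(word, direction="up-left"):
    """Apply the substitution; keys with no neighbour stay unchanged."""
    table = TABLES[direction]
    return "".join(table.get(c, c) for c in word.lower())

def shifted_base_word(password, words):
    """Return (word, direction) if the password is a shifted form of a word
    in `words` (case is ignored), otherwise None. Intended for a quality
    check at the moment a password is set."""
    target = password.lower()
    for direction in TABLES:
        for word in words:
            if shift(word, direction) == target:
                return word, direction
    return None

if __name__ == "__main__":
    sample_words = {"generation", "password"}   # constructed sample list
    print(shift("generation"))                  # the book's example word
    print(shift("generation", "right"))         # the "letters to the right" variant
    print(shifted_base_word("T3h34Q589h", sample_words))
    print(shifted_base_word("k7Vq2mZp", sample_words))
```
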



Hacker Linux Uncovered
ISBN: 1931769508
EAN: 2147483647
Year: 2004
Pages: 141
