Announcement

Collapse
No announcement yet.

Dont use passwords on Windows network

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dont use passwords on Windows network

    http://blogs.msdn.com/robert_hensing...28/199610.aspx

    I thought this was preety interesting.

  • #2
    Originally posted by mikedc1760
    http://blogs.msdn.com/robert_hensing...28/199610.aspx

    I thought this was preety interesting.
    Good lord... He's just rehashed something everyone's known for years.

    Comment


    • #3
      obviously he works for emsoft.

      Comment


      • #4
        Eh ok, you can delete it then.

        Comment


        • #5
          Originally posted by mikedc1760
          Eh ok, you can delete it then.
          No, it stands - it's relevant, just not anything new or exciting.

          However, this article might be worth looking into for some insight on how to better choose and protect passwords and why. Though Windows-centric, many of the basic concepts presented can be applied to pretty much any OS using passwords for authentication.

          Comment


          • #6
            I like Bruce Schneier's idea of requiring users to have a 2-part password; one part easy to remember, the other part difficult. They then write the hard half down and put it in a "secure" place (wallet, etc), and the other have must be memorized. While a tad difficult to enforce and not perfect, it is better than requiring users to remember "#$%GVSd14ed" as a password.

            I personally prefer passphrases, with random characters tossed in.
            Happiness is a belt-fed weapon.

            Comment


            • #7
              How about just not using windows?

              From what I've experianced the entire OS is a security risk if you dont know what you're doing. The only thing that seconds windows as entirely shitty is AOhell (AOL)

              Comment


              • #8
                No Religious Wars, Please

                Originally posted by LiveWire
                How about just not using windows?
                Although the word "Windows" is in the title, the principle idea applies to all systems. My guess is that Windows does not use a challenge/response authentication mechanism, and, as a result, is more vulnerable. However, your Linux (just to pick one example) passwords are just as vulnerable if someone gets the shadow file.

                Originally posted by LiveWire
                From what I've experianced the entire OS is a security risk if you dont know what you're doing. The only thing that seconds windows as entirely shitty is AOhell (AOL)
                We have discussed the issue of Microsoft Windows security before, and you aren't going to get much support in these forums. Every user-friendly system is weak until someone tightens the system down. You might have had a point ten years ago, but things have changed quite a bit since then.

                Comment


                • #9
                  Thanks for not being an ass. Most people, I thought, would be an ass to me. But hey, maybe I'm wrong. I know I'm looking forward to Longhorn, because its supposed to kick major ass. Dont get me wrong, I use windows but I keep my box secure for the most part. I dont claim to be 'leet' or good wth computers, but I know that I dont like windows all that much. I'm just not a Microsoft fan at all.

                  Comment


                  • #10
                    Interesting albeit dated read. I remember reading different articles with similar content in the past. It still doesnt address hash insertion, but oh well.
                    The best laid plans of mice and men...

                    Comment

                    Working...
                    X