[Gllug] Why have root passwords at all?

[Tethys]

Bruce Richardson writes:

>How do you know that they do not have it?  It would be very difficult to
>allow them to administer your network and yet prevent them from having
>any opportunity to take a copy of the password files.  Once they have
>that, all they need is a password cracker and some time.

Choose a strong password? My current one survived over a week of
John The Ripper before I killed the process, and I have no reason
to suspect it wouldn't last much longer. Indeed, a password chosen
for its strength will probably be better than one chosen purely at
random, which will sooner or later throw out an easily guessable
string.

Tet
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug