Slashdot Mirror

← Back to Stories (view on slashdot.org)

Passwords May Be Weakest Link

Posted by CmdrTaco on from the no-shock-there dept.

blankmange writes "ZDNet is carrying a piece on network security and employee passwords: "When a regional health care company called in network protection firm Neohapsis to find the vulnerabilities in its systems, the Chicago-based security company knew a sure place to look. Retrieving the password file from one of the health care company's servers, the consulting firm put "John the Ripper," a well-known cracking program, on the case. While well-chosen passwords could take years--if not decades--of computer time to crack, it took the program only an hour to decipher 30 percent of the passwords for the nearly 10,000 accounts listed in the file." Sounds like enforced password formats and mandatory changing of passwords would help, but how many companies actually make them policy and enforce it?"

2 of 495 comments (clear)

  1. Re:Obvious by Capt.+DrunkenBum · · Score: 0, Offtopic

    Not very secure anymore are they?

    Off to destroy your karma if thos passwords work. :)

    --

    Not everyone deserves a 320i

  2. Re:Obvious by UberLame · · Score: 0, Offtopic

    Some of us have better things to do than memorize
    random (or psuedo random) strings. Give me two days of not using a password like that, and I'll forget it, just like I forgot the 1st 20 digits of pi when I stoped reciting it every hour.

    --
    I'm a loser baby, so why don't you kill me.