Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Linux Security Cookbook

You're reading from   Practical Linux Security Cookbook Secure your Linux machines and keep them secured with the help of exciting recipes

Arrow left icon
Product type Paperback
Published in Apr 2016
Publisher Packt
ISBN-13 9781785286421
Length 276 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
Michael A Lindner Michael A Lindner
Author Profile Icon Michael A Lindner
Michael A Lindner
Tajinder Kalsi Tajinder Kalsi
Author Profile Icon Tajinder Kalsi
Tajinder Kalsi
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Linux Security Problems 2. Configuring a Secure and Optimized Kernel FREE CHAPTER 3. Local Filesystem Security 4. Local Authentication in Linux 5. Remote Authentication 6. Network Security 7. Security Tools 8. Linux Security Distros 9. Patching a Bash Vulnerability 10. Security Monitoring and Logging Index

Configuring password protection

In any system, the password plays a very important role in terms of security. A poor password may lead to an organization's resources being compromised. The password protection policy should be adhered to by everyone in the organization, from users to the administrator level.

How to do it…

Follow the given rules when selecting or securing your password.

For the creation policy, follow these rules:

  • A user should not use the same password for all the accounts in an organization
  • All access-related passwords should not be the same
  • Any system-level account should have a password that's different from any other account held by the same user

For the protection policy, follow these rules:

  • A password is something that needs to be treated as sensitive and confidential information. Hence, it should not be shared with anyone.
  • Passwords should not be shared through any electronic communication, such as e-mails.
  • Never reveal a password on your phone or questionnaire.
  • Do not use password hints that could provide clues to an attacker.
  • Never share company passwords with anyone, including administrative staff, managers, colleagues, and even family members.
  • Don't store passwords in written form anywhere in your office. If you store passwords on a mobile device, always use encryption.
  • Don't use the Remember Password feature of applications.
  • In there's any doubt of a password being compromised, report the incident and change the password as soon as possible.

For the change policy, follow these rules:

  • All users and administrators must change their password on a regular basis or at least on a quarterly basis
  • The security audit team of an organization must conduct random checks to check whether the passwords of any user can be guessed or cracked

How it works…

With the help of the preceding points, ensure that a password, when created or changed, is not easy enough to be guessed or cracked.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime