How to prevent password cracking

[Radames]

Hi all,

The unauthorized user has a series of ways to break the operating system password. Of course, the number of first attacks on profiteering. In this case, he or she has access to the screen system of certification and after repeated experiments and the arithmetic errors baptism ultimately be a password . If the system administrator uses the easy to guess weak passwords, or the system administrator has not changed the default password , then this will no doubt greatly simplifies the operation of an intruder. I want to know that how do I prevent my business where password cracking behavior occur ?.Please help. Thanks in advance.

[Snake08]

Please follow the policies and processes:

(1) To change with each new and existing systems in all the default password.
(2) Do not let privileged user accounts on different systems use the same passwords.
(3) Constantly changing passwords (in most organizations there is sensitive data in the system is set to once every 30 days to change your password, but when the personnel changes took place also change password).
All the best.

[Zachary]

You need to strictly limited administrative access permissions, only the permissions granted to those who genuinely need access to people. Do not write down the password for the system (any password are case). Do not let the software script that contains the system-level account or password information. Best of luck.

[Big Fish]

For developers to create their own passwords, in accordance with the allocation of functions to give them access (development of the database used to define the contents of the field staff do not need root privileges - even if they would have produced this limited dispute). According to the work of the staff to maintain user rights. When a staff into a particular project team, you'll need based on its role to create new accounts. When his or her work changed, these rights will no longer need to use when you need to change or removal prior to its to set permissions. And if he or she resign, you also need time to clear all permissions. Check and reply.

[Shen]

If the system contains highly sensitive information and require the least amount of system access, you might consider the use of system-level password or hardware-based multi-factor tokens, and encryption and key protect them under. Note: Some companies need access to sensitive information to all employees to set multi-factor authentication mechanisms. Using the generated password or phrase (eg, "Philadelphia Phillies is the community the best baseball team") and not be limited to alphanumeric symbols. Instead of using the flag as much as possible with the digit 8 character password. Check and reply.

[Steve123]

You need to close or disconnect any attempt to access the system's back door, unless there are special needs (such as a modem, Citrix Access, etc.). You will placed in sensitive systems outside the core business and communications and to provide physical isolation (for cabinets, computer room, do the company lock, etc.). In the system restored to all of the backup media to be protected and entered into force. As part of system recovery, the old account will be restored, so need to ensure that old data does not contain the old authentication information. If it really turns the old authentication information, you need to do in a timely manner to their change, or delete operation. Proper combination of common sense and Safe to guide the team in collaboration with the IT department, will help you find the best way to protect your system password security. All the best.