Common Secure Shell passwords unveiled

murraybiscuit said:
oi vey. this is ridiculous.
nice tip on changing the default port...
i think i may just do that on my new server.
Click to expand...

It's still fairly easy to find what port ssh is running on using nmap, you'd also want something like snort and guardian to blacklist portscanning IPs and the like.
 
Cost Conscious said:
Thing that irritates me is over-zealous web-masters like banks that insist on creating a convoluted password that you can't remember and have to commit to writing down somewhere.

Forcing you to change your PW every month ends up creating: pwordjan pwordfeb pwordmar etc etc all self-defeating.
Click to expand...

Dito!
 
Cost Conscious said:
Thing that irritates me is over-zealous web-masters like banks that insist on creating a convoluted password that you can't remember and have to commit to writing down somewhere.

Forcing you to change your PW every month ends up creating: pwordjan pwordfeb pwordmar etc etc all self-defeating.
Click to expand...

So your password is currently pwordsep :-P
 
I've had to create some password scheme where certain chars change depending on the device, site, company, .... so I can remember more passwords. It gets a bit ridiculous when you support 20 odd clients with 300 odd users (windows and pop passwords) and servers between them + then having to remember all your own passwords for devices, web sites, game clients (seeing as most new games require you to authenticate with a server) as well :s

I don't have any of these passwords writen down but do carry around a piece of paper with R4000 odd worth of ADSL usernames and passwords for my clients.
 
alt21 said:
I've had to create some password scheme where certain chars change depending on the device, site, company, .... so I can remember more passwords. It gets a bit ridiculous when you support 20 odd clients with 300 odd users (windows and pop passwords) and servers between them + then having to remember all your own passwords for devices, web sites, game clients (seeing as most new games require you to authenticate with a server) as well :s

I don't have any of these passwords writen down but do carry around a piece of paper with R4000 odd worth of ADSL usernames and passwords for my clients.
Click to expand...

SPARTAAAAA!!!
 
alt21 said:
I've had to create some password scheme where certain chars change depending on the device, site, company, .... so I can remember more passwords. It gets a bit ridiculous when you support 20 odd clients with 300 odd users (windows and pop passwords) and servers between them + then having to remember all your own passwords for devices, web sites, game clients (seeing as most new games require you to authenticate with a server) as well :s

I don't have any of these passwords writen down but do carry around a piece of paper with R4000 odd worth of ADSL usernames and passwords for my clients.
Click to expand...

I would love to find your wallet :)

I am guity of using weak passwords too, but now I tend to use afrikaans.
 
not even "toor" or "p@55w0rd"? - most commonly used at one of the big corporates.... quite shocking...
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X