Thursday, November 25, 2010

tidbit: Oracle: How long should my Oracle password be?

First of all: you need to prevent brute-force attempts, or make brute-forcing almost impossible.

Hackers today use FPGA- and GPU-based cracking systems, capable of processing 60,000,000 passwords (right - 60 million) per second per FPGA/GPU unit.

So, the answer is:

1) Make your user name very long: the user name is combined with the password to create your password hash, and that hash is what hackers start from.

2) Considering that SYS is a short name, its password MUST be very long.

Overall: the password should be no less than 12-15 characters and include a mix of special characters in addition to alphanumerics.

Still, a password can be long and make sense, like: "Th1s_Is+MyW1reLess"
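To set the 60,000,000 guesses-per-second figure against the length recommendation, this added example (not part of the original post) estimates worst-case exhaustive-search time per password length and alphabet, and the shortest length that holds for a chosen number of years. The alphabet sizes, the 1,000-unit cluster and the 100-year target are assumptions.

```python
RATE_PER_UNIT = 60_000_000          # guesses/second per FPGA/GPU unit (figure from the post)
SECONDS_PER_YEAR = 365 * 24 * 3600

# Assumed alphabets (not from the post): symbols an attacker must cover.
CHARSETS = {
    "alphanumeric, one case": 36,
    "alphanumeric, mixed case": 62,
    "printable ASCII (with specials)": 95,
}


def keyspace(charset_size, length):
    """Number of candidate passwords of every length from 1 up to `length`."""
    return sum(charset_size ** n for n in range(1, length + 1))


def years_to_exhaust(charset_size, length, units=1):
    """Worst-case years to try every candidate at RATE_PER_UNIT per unit."""
    guesses_per_year = RATE_PER_UNIT * units * SECONDS_PER_YEAR
    return keyspace(charset_size, length) / guesses_per_year


def min_length(charset_size, target_years, units=1):
    """Shortest length whose full search takes at least `target_years`."""
    length = 1
    while years_to_exhaust(charset_size, length, units) < target_years:
        length += 1
    return length


if __name__ == "__main__":
    units = 1000  # assumed size of the cracking cluster
    for name, size in CHARSETS.items():
        print(f"{name} ({size} symbols), {units} units")
        for length in (8, 10, 12, 15):
            years = years_to_exhaust(size, length, units)
            print(f"  length {length:2d}: {years:.3g} years")
        print(f"  minimum length for 100 years: {min_length(size, 100, units)}")
```

These are upper bounds for random passwords; a password built from dictionary words or predictable substitutions falls to a much smaller search.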

To see what hackers are capable of with FPGA units, consider the database security URL below:

http://conus.info/ops/ - with much respect to the author, he is touching the ground in regards to brute-force simulation, but reality is grimmer.
