First of all, you need to prevent brute-force attempts or make brute-forcing almost impossible.
Hackers today use FPGA- and GPU-based cracking systems capable of processing 60,000,000 passwords (right - 60 million) per second per FPGA/GPU unit.
So, the answer is:
1) Make your user name very long: the user name is combined with the password to create your hashed password sequence, which is what hackers start from
2) Considering that SYS is a short name, its password MUST be very long
Overall, a password should be no less than 12-15 characters and include a mix of special characters in addition to alphanumerics.
Still, a password can be long and make sense, like: "Th1s_Is+MyW1reLess"
To see what hackers are capable of using FPGA units, see the database security URL below:
http://conus.info/ops/ - with much respect to the author, he is touching the ground with regard to brute-force simulation, but reality is grimmer.
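To put the 60 million guesses per second figure next to the length advice, here is an added example (not from the original post) that estimates worst-case exhaustive-search time for a password and checks it against the 12-character guideline. The printable-ASCII character classes, the function names and the sample password `sys12345` are assumptions of this example.

```python
import string

RATE_PER_UNIT = 60_000_000  # guesses per second per FPGA/GPU unit (figure from the post)
SECONDS_PER_YEAR = 365 * 24 * 3600

# Printable-ASCII character classes (assumption of this example).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}


def classes_used(password):
    """Return the names of the character classes present in the password."""
    if not password:
        raise ValueError("empty password")
    used = set()
    for ch in password:
        match = [name for name, chars in CLASSES.items() if ch in chars]
        if not match:
            raise ValueError(f"character outside the modeled classes: {ch!r}")
        used.update(match)
    return used


def keyspace(password):
    """Candidates an exhaustive search must cover for this length and alphabet."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return alphabet ** len(password)


def seconds_to_exhaust(password, units=1):
    """Worst-case search time. Upper bound only: assumes uniformly random
    characters, so word-based passwords fall to dictionary attacks sooner."""
    return keyspace(password) / (RATE_PER_UNIT * units)


def meets_policy(password, min_length=12):
    """Length floor plus special characters alongside letters and digits."""
    used = classes_used(password)
    return (len(password) >= min_length and "special" in used
            and "digit" in used and bool(used & {"lower", "upper"}))


if __name__ == "__main__":
    for pw in ("sys12345", "Th1s_Is+MyW1reLess"):  # first value is constructed
        years = seconds_to_exhaust(pw) / SECONDS_PER_YEAR
        print(f"{pw!r}: policy={meets_policy(pw)} years at one unit={years:.3g}")
```

At the quoted rate, the 8-character lowercase-plus-digits sample is exhausted in about 13 hours on a single unit, while the 18-character mixed example stays out of reach even with many units.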