Software reviewer notes (XII) - password-related attacks

Others 2020-01-10 00:26:18 views: null

Common password attack mode

1, social engineering

2, brute force

3, weak password scanning

4, password monitor

Password-related defensive measures

1, for social engineering, password protection can only alert people

2, the password for the listener, by [ communications] encryption

3, scanning for weak passwords, by [ configure security policy allows users to set password security to prevent weak passwords ], increase the difficulty of guessing the password, such as: set the minimum password length, combinations

4, against brute force, you can [set] password lockout policy

5, for user passwords stored in the database server you can [encryption] and access to the database to ensure the secure password storage

Password associated test point

1, the maximum password age

2, the minimum password aging

3, password history

4, minimum password length

5, password complexity

6, encryption options

7, password lock

8, account reset

Guess you like

Origin www.cnblogs.com/poloyy/p/12173997.html

Software reviewer notes (XII) - password-related attacks

Software reviewer notes (five) - the math

Software reviewer notes (two) ---- Software Engineering

git password-related issues

Literature reading notes (XII)

"Using data mining platform (CLEMENTINE software) statistical analysis of the papers of" literature notes (XII)

Jmeter study notes (XII) - Assertion

JavaScript study notes (XII) prototype

TensorFlow notes (XII) - Optimizer related functions and features introduced in tf.train

Software design patterns learning (XII) combined mode

Texas 20 local agencies extortion software attacks

Top 10 Password Attacks and Mitigations

Notes brush over the front end face (XII)

Linux Learning Notes (xii) VIM editor

CSAPP notes (Chapter XII concurrent programming 01)

Smooth python, Fluent Python XII notes (inherited)

Oracle study notes composite index (XII)

CentOS7.3 study notes summary (XII)

Web security test study notes - CSRF attacks

Buffer overflow attacks (Buffer Overflows Lab Notes)

CISSP study notes: Malicious code and application attacks

Gerrit reviewer plugin

HackTheBox - Academy [CPTS] Review 1 - PASSWORD ATTACKS

How to protect against DDOS attacks on instant messaging software

springboot actual notes (xii) ---- springboot common form data validation

Java IO (Java Development Chapter XII real classic study notes)

Lying design pattern notes (xii) の abstract factory pattern

The new Java project studies online notes -day20 (XII)

Reading Notes: in-depth understanding ES6 (XII)

"Party management system construction and implementation of the government," the paper notes (XII)

Recommended

Ranking

[Algorithm] greedy _ program scheduling issues

Spring 控制反转（IOC）

Data structure-6.6 figure

Indicates that the class or member method has abstract properties

Huawei v5 server installed Linux operating system

Postgresql source code analysis - creating ordinary tables

Chapter 10 Evaluation Classification Results

Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages

Java Exercise 17.1

Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.

Daily

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)

2024-04-30(36)