CompTIA Security+ Exam Notes

CompTIA Security+ Exam Notes
Let Us Help You Pass

Sunday, July 25, 2021

Password Policy

PASSWORD POLICY

The recommended minimum password length is 14 characters. With the advancement of CPU processing power and RAM, 8-character passwords are no longer recommended. 

Avoid using words found in the dictionary or part of the username to make a password strong. Use at least 3 of the following four:
Uppercase letters (26 A through Z)
Lowercase letters (26 a through z)
Numbers (10 numbers 0-9)
Special characters (32 characters, like !, @, #, %, &, and *)

An 8-character password with only lowercase letters is calculated as 26^8, or 208827064576 (208 billion) possibilities. Making the password 10 lowercase letters changes it to 141 trillion possibilities. 

With a desktop computer and a high-end graphics card, password-cracking tools are capable of testing 20 billion passwords per second. An attacker could break the 10-character password in two hours.

The combination possibilities of utilizing all four character types will equal 94 characters. Change your password to 14 characters and use a combination of all four character types  (94^14), and the possibilities are mind-blowing, a little over 4 septillions. 

Password length: To make brute force attacks more difficult, enforce minimum length. 

Password history: A password history setting in Group Policy can be enabled for 24 passwords. Once 24 passwords have been used, users can only use their favorite password. This needs to be enabled along with Password Minimum Age. Password History is not enabled if the user uses the same password after the Maximum Password Age (Password expiration).

Password Minimum Age: The default setting in Group Policy is 0, meaning users could change their passwords multiple times on the same day to return to their favorite password. The administrator would receive multiple password reset alerts. 

Saturday, July 24, 2021

Passwordless Authentication Setup using SSH Commands

 Passwordless Authentication

This only requires three steps. Here are the steps in order:

1. ssh-keygen -t rsa

2. Ssh-copy-id -I ~/.ssh/id_rsa.pub user@server

3. Ssh root@server