From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 2 Information Security Risk Management
Join today to access over 24,900 courses taught by industry experts.
Password attacks
From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 2 Information Security Risk Management
Password attacks
- Passwords secure the vast majority of systems today. This time tested approach does provide adequate security for many purposes, but it has a lot of drawbacks. Attackers can wage attacks designed to crack passwords stored in system files. Many attacks use this approach to steal massive numbers of user accounts. Let's take a look at some password attacks. On Linux systems, password files contain user credentials. When a user attempts to log into a system, the login process checks the password file to determine whether the password is valid. Now, of course the file doesn't simply contain a copy of the password. That would be an easy target for attackers and it would also allow system administrators to know all of the user passwords on a system. Instead, the password file contains a password hash shown here, that's computed using a one way function. When the user logs in, the login process takes the password, computes a…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
(Locked)
Denial of service attacks4m 15s
-
(Locked)
Eavesdropping attacks4m 12s
-
(Locked)
DNS attacks3m 30s
-
(Locked)
Layer 2 attacks2m 3s
-
(Locked)
Network address spoofing3m 35s
-
(Locked)
Password attacks8m 12s
-
(Locked)
Password spraying and credential stuffing1m 47s
-
(Locked)
Watering hole attacks2m 54s
-
(Locked)
-
-
-
-
-
-
-
-