On Sun, 2007-10-07 at 11:43 -0400, Steve Grubb wrote:
> On Sunday 07 October 2007 11:33:45 Lubomir Kundrak wrote:
> > > A successful account breach requires 3 things: a machine name, a valid
> > > account, and the password. Letting people know that an account is valid
> > > cuts the attack down to a dictionary attack.
> >
> > So what about trying to hide the machine name?
>
> Yes that is a good thing to try, but likely to be exposed. NATs do some
> degree of protecting this. But this is really not the point of this thread.

And I really hope you don't advocate NAT as a security feature, please!
/me hates NAT and I hope nobody will be allowed to reintroduce something
like that with IPv6

> > This is plain nonsense. Time that was spent avoiding timing `attacks' was
> > wasted. The _password_ is meant to be a key that is to be hidden, not the
> > account name.
>
> No, it is both. This is why face logins are bad in a secure setting.

I think this kind of reasoning makes sense only when made in a vacuum.
In most cases the username is just too easy to find out anyway. Trying to
regard it as a secret to protect is just plainly voodoo security IMO;
I concur with Lubomir on this.

> > If anything, dictionary attacks can be done against the username-password
> > pair also.
>
> Yes that is true. But not having a valid account name doubles the complexity
> and requires you to work even longer.

That is a function of username length and password length.
These 2 cases show the same complexity:

A) 8 char username + 8 char password
B) 16 char password

Want to bet the odds? Make the password longer (make it a passphrase)
and stop caring about the username being public or not.

Simo.

> -Steve

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
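The two technical points argued above, an account-validity oracle in the login path and the "8+8 equals 16" search-space arithmetic, as an added example that is not part of the thread and not code from any Fedora component. Everything here is constructed: the single-user database, the fixed salt, the PBKDF2 choice and the function names are assumptions made for the demonstration.

```python
import hashlib
import hmac
import math

# Constructed sample data (not from the thread): one account with a fixed salt
# so the demo is reproducible. A real system uses a random per-user salt.
_SALT = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
_ITERATIONS = 20_000


def _kdf(password: str, salt: bytes) -> bytes:
    """Password hashing via PBKDF2-HMAC-SHA256 (stdlib only)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, _ITERATIONS)


USERS = {
    "alice": (_SALT, _kdf("correct horse battery staple", _SALT)),
}

# Hash of a throwaway string, used only so the unknown-username path does the
# same amount of KDF work as the known-username path.
_DUMMY_HASH = _kdf("this-is-not-a-real-password", _SALT)


def login_leaky(username: str, password: str) -> str:
    """Tells 'no such user' apart from 'bad password' and skips the KDF for
    unknown names: an attacker can enumerate valid accounts from the
    message text or from the response time."""
    rec = USERS.get(username)
    if rec is None:
        return "no such user"
    salt, stored = rec
    if hmac.compare_digest(_kdf(password, salt), stored):
        return "ok"
    return "bad password"


def login_uniform(username: str, password: str) -> str:
    """Same error string and same KDF cost whether or not the name exists,
    so the response reveals nothing about account validity."""
    rec = USERS.get(username)
    known = rec is not None
    salt, stored = rec if known else (_SALT, _DUMMY_HASH)
    match = hmac.compare_digest(_kdf(password, salt), stored)
    if known and match:
        return "ok"
    return "invalid username or password"


def search_bits(alphabet_size: int, length: int) -> float:
    """log2 of the number of strings of `length` symbols over an alphabet."""
    return length * math.log2(alphabet_size)


def guess_bits(username_known: bool, user_alphabet: int, user_len: int,
               pw_alphabet: int, pw_len: int) -> float:
    """Brute-force search size, in bits, faced by an attacker who either
    already knows the username or has to guess it along with the password."""
    bits = search_bits(pw_alphabet, pw_len)
    if not username_known:
        bits += search_bits(user_alphabet, user_len)
    return bits


if __name__ == "__main__":
    print(login_leaky("bob", "x"), "/", login_leaky("alice", "x"))
    print(login_uniform("bob", "x"), "/", login_uniform("alice", "x"))
    # Case A: 8-char username + 8-char password; case B: 16-char password.
    # Equal when both draw from the same 62-symbol alphabet.
    print(round(guess_bits(False, 62, 8, 62, 8), 1), round(search_bits(62, 16), 1))
    # With realistic alphabets (lowercase+digit usernames, printable-ASCII
    # passwords) the 8+8 case is weaker than the 16-char password.
    print(round(guess_bits(False, 36, 8, 95, 8), 1), round(search_bits(95, 16), 1))
```

The uniform variant pays the dummy KDF on every unknown name, which is the price of not having a timing oracle; the arithmetic part shows that the equality Simo states holds only when username and password symbols come from the same alphabet, and that with typical restricted usernames the extra secret buys fewer bits than the same length added to the password.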