Conference ProceedingsOPEN ACCESS

UNIX password security - Ten years later

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (1990) 435 LNCS 44-63
DOI: 10.1007/0-387-34805-0_6
99Citations
Citations of this article
85Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Passwords in the UNIX operating system are encrypted with the crypt algorithm and kept in the publicly-readable file /etc/passwd. This paper examines the vulnerability of UNIX to attacks on its password system. Over the past 10 years, improvements in hardware and software have increased the crypts/second/dollar ratio by five orders of magnitude. We reexamine the UNIX password system in light of these advances and point oat possible solutions to the problem of easily found passwords. The paper discusses how the authors built some high-speed tools for password cracking and what elements were necessary for their success. These elements are examined to determine if any of them can be removed from the hands of a possible system infiltrator, and thus increase the security of the system. We conclude that the single most important step that can be taken to improve password security is to increase password entropy.

Cite

CITATION STYLE

APA

Feldmeier, D. C., & Karn, P. R. (1990). UNIX password security - Ten years later. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 435 LNCS, pp. 44–63). Springer Verlag. https://doi.org/10.1007/0-387-34805-0_6

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free