The Cache: Technology Expert's Forum
 
*
Welcome, Guest. Please login or register. September 16, 2019, 01:13:53 PM

Login with username, password and session length


Pages: [1]
  Print  
Author Topic: secure password behind firewall?  (Read 2055 times)
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« on: April 03, 2009, 02:03:12 PM »

So on my production machines, sitting behind IPcop, do I really need a secure password?

i was just thinking that since the only vector for loggin in is from inside the VPN, there is really no reason?

only port 80 is open outside on 1 box.
and another nonstandard port on another box.

thats it.
So, ipcop needs a secure pass. VPN is cert based.
but inside the wall, why would i need secure passwords?

Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #1 on: April 03, 2009, 09:42:08 PM »

I s'pose you wouldn't need one, but I still lock my inner machines down tight as well, on the off chance that something I can't forsee could occur.

Natural paranoia, but you're probably 100% correct.
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
vsloathe
vim ftw!
Global Moderator
Lifer
*****
Offline Offline

Posts: 1669



View Profile
« Reply #2 on: April 04, 2009, 06:56:48 AM »

Is it really that much trouble to have a secure password?

My standard one used to be Aw9u%!&$Jw which is mnemonic for me because it takes a memorable pattern on the keyboard (to me, for some odd reason). It's seemingly patternless and would likely not appear in any dictionary lists or be guessed, but it's easy for me to remember. I do not switch passwords often enough so that one was with me for years. It possibly could be brute-forced but brute force prevention is easy and most attackers do not start with nonstandard character sets. Most default to alphanumeric.
Logged

hai
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #3 on: April 04, 2009, 08:49:27 AM »

no its not much trouble.

but I have 4 password styles and I just wanted to feel out which way to go with it.
1 is a simple, share with anyone password and never used for actually secure things. always the same
2 is a bit harder for things I should care about a little, and sometimes share it. always the same
3 is really long and complicated. always the same, never shared. but not used for money or hardend stuff.
4 I have my real passwords. first 4 of machine name, a date code like birthday, and a six character random code (which I have to look up.)

i think i will go with 2.
perk actually already knows it, though he might not realize.
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #4 on: April 04, 2009, 10:12:15 AM »

Perk's memory is useless (teenagerzitus). Your secrets are safe.
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
Pages: [1]
  Print  
 
Jump to:  

Perkiset's Place Home   Best of The Cache   phpMyIDE: MySQL Stored Procedures, Functions & Triggers
Politics @ Perkiset's   Pinkhat's Perspective   
cache
mart
coder
programmers
ajax
php
javascript
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks


Valid XHTML 1.0! Valid CSS!