Password. On a Unix system without Shadow Suite, user information including passwords is stored in the /etc/passwd file. Each line in /etc/passwd is a.


1 Password

2 On a Unix system without Shadow Suite, user information including passwords is stored in the /etc/passwd file. Each line in /etc/passwd is a colon-separated record. The fields are
–Username
–Encrypted password
–User ID
–Group ID

3 –Comment (often user name)
–Home directory
–Default shell
Example
Jdoe:2bT1cMw8zeSdw:500:500:John Doe:/home/jdoe:/bin/bash
Password is stored in an encoded format.
One-way hash function
–Computation is easy in the encoding direction.
–Time consuming to calculate in the reverse direction.

4 Unix crypt() function
–Takes the first 8 characters of the password.
–Concatenates the low 7 bits of each of these 8 characters into a 56-bit key.
–Using this key, a sequence of 64 zero bits is encrypted into a 64-bit code. DES is applied 25 times with a permutation. Which of the 4096 permutations is used is encoded in two characters called the salt.
–The code is split into 11 six-bit numbers.

5 –Each six-bit number is stored as a char q[i] ∈ {., /, 0-9, A-Z, a-z}.
–The salt value is prepended, resulting in a sequence of 13 characters.
–Example
Salt = ‘A1’
Password = ‘MyPass’
Encrypted password = ‘A1qLr2pFD.Ddw’
–If two users have the same password, the chance of them having the same salt is 1/4096. The encrypted passwords will probably be different.

6 Password Cracking
–It is computationally difficult to take a randomly encoded password and recover the original password.
–The key space consists of 2^56 possible values.
–Most password cracking strategies involve selecting common words from a dictionary (dictionary attack) or commonly used patterns (e.g. testing123).
–On any system with more than just a few users, at least some of the passwords will be common words (or simple variations of common words).

7 Password cracking Steps
–System crackers simply encrypt a dictionary of words and common passwords using your salt value.
–They compare the results with the encoded passwords in your /etc/passwd file.
–Some crackers even build a database for a dictionary using all 4096 salt values.
–A dictionary of, say, 400,000 common words, names, passwords, and simple variations would easily fit into 4GB of hard drive space, which costs less than HK$150.

8 Prevention
Creating effective passwords
–Avoid bad passwords
Simple combination of a name, word and/or number. E.g.
–Joe102367
–Fido2000
–Testing123
–8675309
Your name and birthday.
Family member’s name and birthday.
Pet’s name
Phone number

9 Character from popular films.
A non-English word
–Non-English words are also part of dictionary attacks.
Any of the above backwards.
Good password
–Use at least one character from each of these character classes: a-z, A-Z, punctuation (such as ! ( * $), 0-9
–If DES passwords are used, choose 6-8 characters.

10 –If MD5 is used, choose any number of characters (more than 15 is very good).
A simple way to create effective passwords
–Think of a phrase that is relatively obscure, but easy to remember.
–It can be a line from a song, book or a movie.
–Create an acronym from it, including capitalized words and punctuation.
–E.g. “Wake up! Time to die.” becomes Wu!T2d

11 Password Shadowing
–Hide the encrypted passwords from view.
–/etc/passwd still exists, but it does not contain encrypted passwords. An ‘x’ is put in the field.
–Another file called /etc/shadow is created. It contains the encrypted passwords and is only readable by root.
–Password shadowing is now considered essential for password security.

12 –Format of the Shadow file
username:passwd:last:may:must:warn:expire:disable:reserved
username: The User Name
passwd: The Encoded password
last: Days since Jan 1, 1970 that password was last changed
may: Days before password may be changed
must: Days after which password must be changed
warn: Days before password is to expire that user is warned
expire: Days after password expires that account is disabled
disable: Days since Jan 1, 1970 that account is disabled
reserved: A reserved field
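
An added example, not part of the original slides: a small audit that parses records in the /etc/passwd and /etc/shadow layouts described above, reports accounts whose hash is still stored unshadowed, and converts the shadow file's day counts into dates. The function names and every sample record except the Jdoe line are constructed for illustration.

```python
import re
from datetime import date, timedelta

# Field order as listed on the slides.
PASSWD_FIELDS = ["username", "passwd", "uid", "gid", "comment", "home", "shell"]
SHADOW_FIELDS = ["username", "passwd", "last", "may", "must", "warn",
                 "expire", "disable", "reserved"]
# Traditional crypt() output: 2 salt characters + 11 characters, all from ./0-9A-Za-z.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def parse(line, fields):
    """Split one colon-separated record and name its fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(fields):
        raise ValueError(f"expected {len(fields)} fields, got {len(parts)}")
    return dict(zip(fields, parts))

def audit_passwd(lines):
    """Return (username, finding) for every passwd record that is not shadowed."""
    findings = []
    for line in lines:
        rec = parse(line, PASSWD_FIELDS)
        pw = rec["passwd"]
        if pw == "x":
            continue  # shadowed: the hash lives in /etc/shadow
        if pw == "":
            findings.append((rec["username"], "empty password field"))
        elif DES_CRYPT.fullmatch(pw):
            findings.append((rec["username"], f"unshadowed DES crypt hash, salt {pw[:2]}"))
        else:
            findings.append((rec["username"], "other unshadowed value"))
    return findings

def password_dates(shadow_line):
    """Return (date of last change, date by which it must change or None)."""
    rec = parse(shadow_line, SHADOW_FIELDS)
    last = date(1970, 1, 1) + timedelta(days=int(rec["last"]))
    deadline = last + timedelta(days=int(rec["must"])) if rec["must"] else None
    return last, deadline

# First record is the slide's own example; the others are constructed samples.
SAMPLE_PASSWD = [
    "Jdoe:2bT1cMw8zeSdw:500:500:John Doe:/home/jdoe:/bin/bash",
    "asmith:x:501:501:Alice Smith:/home/asmith:/bin/bash",
    "guest::502:502:Guest:/home/guest:/bin/bash",
]
SAMPLE_SHADOW = "asmith:A1qLr2pFD.Ddw:12000:0:90:7:::"  # constructed aging values

if __name__ == "__main__":
    for user, finding in audit_passwd(SAMPLE_PASSWD):
        print(f"{user}: {finding}")
    print(password_dates(SAMPLE_SHADOW))
```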

