Lets talk Linux security! What security programs, CLI tools, GUi tools do you use to keep you linux system secure?

And Mint quickly spotted the attack, patched their website, removed the dodgy files and restored their original .ISO’s.

Don't forget when their forum was hacked and they absconded with the personal information of all the forum members, forcing password resets.
 


One security measure that i have that's vital to me using computers is a document containing passwords, it's a protection against a security attack, which is all too common with user accounts.
A better option for that is Password Manager or Password Vault whatever you want to call it.
 
do you mean a physical document, where yu write your passwords on paper or do you mean a digital document where you store you passwords in say a digital format???
It's digital and password locked in case of malware
 
Nope! Could be malware.
So could the program you are opening your text document with and plain-text with a list of password isn't smart security-wise either. Good Password Managers get yearly security audits and share the results publicly.
 
So could the program you are opening your text document with and plain-text with a list of password isn't smart security-wise either. Good Password Managers get yearly security audits and share the results publicly.
This is interesting subject because there have some major hacks in the last few years, one in particular was a gaming server which gave hackers access to hundreds of thousands of fresh passwords. This list of passwords was called the "rock you" list or something, its been added to dictionary attack arsenals have has been proven very effective because the list has such a broad variety of strong decent passwords. As processing power keeps getting better password cracking gets faster and requires less time to crack stronger passwords.

I have a suspiscion in the future most people will switch to biometric passwords (i.e retina scan, fingerprint ect) but the problem with this is , if somebody gets your bometric data it cannot be changed, where as if your password is compromised then that can very easily be changed. But the passwords will have to get increasingly longer, so people will have to make a choice between using real biometric data and risk it getting compromised or keep using long strong passwords but rely on a password manager or your browser to store it or whatever. The complextiy just keeps increasing
 
I have a suspiscion in the future most people will switch to biometric passwords (i.e retina scan, fingerprint ect) but the problem with this is , if somebody gets your bometric data it cannot be changed, where as if your password is compromised then that can very easily be changed. But the passwords will have to get increasingly longer, so people will have to make a choice between using real biometric data and risk it getting compromised or keep using long strong passwords but rely on a password manager or your browser to store it or whatever. The complextiy just keeps increasing
I think that's why they created 2-factor authentication, as you already said biometrics can't change so that when someone makes a copy of your biometric data you can't change it. There are different factors for authentication and I would think different ones had different use cases.
 
Last edited:
I think that's why they created 2-factor authentication, as you already said biometrics can't change so that when someone makes a copy of your biometric data you can't change it. There are different factors for authentication and I would think different ones had differ use cases.
Yeah surprising the 3 best things you can do for computer security are not virus scans but instead are
1. Keep os and all aplications up to date
2. use 2 factor authentication where posssible
3. Use long strong passwords
 
I was joking earlier about password managers being malware, but the reason why I don't want to automate my passwords is because I'll forget them. I personally like to keep giving my weakest password away (it's in the you got pwned database) is I don't want to give away new passwords that can and will get stolen.
 
I was joking earlier about password managers being malware, but the reason why I don't want to automate my passwords is because I'll forget them.
Or you can do as @KGIII does, use the "Password reset" function as your password manager.
 
I was joking earlier about password managers being malware, but the reason why I don't want to automate my passwords is because I'll forget them. I personally like to keep giving my weakest password away (it's in the you got pwned database) is I don't want to give away new passwords that can and will get stolen.
Its good to know how passwords are cracked so we can create stronger passwords not as easy to crack.
Hackers tend to create "rules" for their dictionary attacks for example they may have a rule to generate words from a dictionary and names one after the other , with the first letter being an upper case and ending in 2 numerical digits for example

Linuxjohn50

This is typical of how many people make passswords, but away to make it very strong it add a character somewhere randomly that would break up the word like

Lin_uxjoh_n50

people use characters but often replace a number 0 with the letter o which again is common and rules have been created to crack such combinations

I dont believe any password is uncrackable ,rather the time to crack the password goes up, people will aways go for the lowest hanging fruit first!
 
Or you can do as @KGIII does, use the "Password reset" function as your password manager.

Laugh all you want, folks! It works for me!

(I know some of my passwords. Some? I haven't gotta clue.)
 
do you mean a physical document, where yu write your passwords on paper or do you mean a digital document where you store you passwords in say a digital format???
I post my passwords on facebook so they'll be easy to find. :D
 
post-it note taped to the monitor. You can never be too careful. :)
 
I was joking earlier about password managers being malware, but the reason why I don't want to automate my passwords is because I'll forget them. I personally like to keep giving my weakest password away (it's in the you got pwned database) is I don't want to give away new passwords that can and will get stolen.
Use KeePassXC you don't have to remember...
 
not remembering is a vulnerability on so many levels...
Anything is vulnerable. Are you afraid to use anything because of it being vulnerable? I don't get it and don't care to.

You can always encrypt it using VeraCrypt. Oh yea... that's vulnerable also... Because with technology nothing is 100% secure.
 
Anything is vulnerable. Are you afraid to use anything because of it being vulnerable? I don't get it and don't care to.

You can always encrypt it using VeraCrypt. Oh yea... that's vulnerable also... Because with technology nothing is 100% secure.
i prefer to remember passwords because that is my preference, makes more sense to me than forgetting them. You can use that program but it's probably better to also write them down.
 
i prefer to remember passwords because that is my preference, makes more sense to me than forgetting them. You can use that program but it's probably better to also write them down.
That's your choice and it's not really wise to write down your passwords, that's one of the most unsecure ways of saving your passwords. But do as you want. I backup my password database on different encrypted flash drives.
 
will be interesting to see where passwords and methods of authentication go in the next 5-10 years. I think we will see more bio metrics used like fingerprinting, retina scans ect. no matteer which method is used there will always be a hack or a work around!
 

Staff online

Members online


Latest posts

Top