On 15/11/18 2:51 am, Brian wrote: > And what is the value to an attacker in having /etc/shadow, assuming it > can be decrypted in a sensible time frame? Remotely logging in? Surely > not in these days of ssh keys? Well.... re-use of passwords. We all know that if you have a username (often times an email address) and the password used for that username, then there are too many places where that same credentials might be re-used elsewhere. A.
- Re: Password policy. Jude DaShiell
- Re: Password policy. Reco
- Re: Password policy. Brian
- Re: Password policy. peter
- Re: Password policy. peter
- Re: Password policy. Brian
- Re: Password policy. Andrew McGlashan
- Re: Password policy. Brian
- Re: Password policy. Andrew McGlashan
- Re: Password policy. Brian
- Re: Password policy. Andrew McGlashan
- Re: Password policy. Brian
- Re: Password policy. Richard Hector
- Re: Password policy. Andrew McGlashan
- Re: Password policy. Andrew McGlashan
- Re: Password policy. Corey Manshack
- Re: Password policy. Andrew McGlashan
- Re: Password policy. Brad Rogers
