"Use strong (as in long and/or randomised and impossible to break using rainbow table attacks) password"

Again, since it's just me, this is doable. But I'm looking for something practical as well. I'm getting the feeling that people don't have an MFA implementation.

"if the users are sufficiently disciplined"

As a sysadmin, I can tell you they genuinely are not and they likely never will be. Hope for the best, plan for the worst.

I also want to clarify that I'm not rejecting any of these suggestions, they're all good.

On Sat, Nov 13, 2021 at 4:42 PM Ralph Seichter <ra...@ml.seichter.de> wrote:

> * Tyler Montney:
>
> > Since this is getting increasingly complicated, I wanted to ask before
> > going further. What do you all do? Any recommendations?
>
> Use strong (as in long and/or randomised and impossible to break using
> rainbow table attacks) passwords which are used only once (!) and kept
> either in the user's brain or in an encrypted password store. Ensure
> that authentication data can only be transmitted over encrypted
> connections.
>
> These measures cover a lot of ground, if the users are sufficiently
> disciplined. Users are usually the weakest link.
>
> -Ralph