On 04/05/13 17:36, Edward Ned Harvey (lopser) wrote:
I believe radius only handles password authentication. If you have a cert
infrastructure, it's best to use cert first and username/password only as a
second factor.
Even if you have a 9-char long password full of complex mix caps and symbols, a
brute force attack can crack that in days. If you want security, you really
need to go for certs.
A lot of people don't really care about security though. ;-)
Then why everywhere I go that uses things like a RADIUS gateway to AD,
my account gets locked after 3 failed attempts?
--
Mr. Flibble
King of the Potato People
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
