Summary

Deciding whether to run password crackers at your company can be difficult. On one hand, security guidance always states that you should never share your password with anyone else and that no one else should know what your password is. Password cracking breaks this rule, because whoever runs the password cracker knows what everyone’s password is. Therefore, I recommend the following strategies for using password crackers at your organization:

  • Always get permission from management.

  • Publish a password policy that states not only what the policy is, but also that it will be enforced.

  • Run password crackers on a regular basis and uniformly enforce the policy.

  • Run password crackers so that they only crack passwords that do not adhere to the policy. ...
