Stop pass-the-hash attacks before they begin
Posted by Roger A. Grimes on 26 July 2011 12:00 PM

Oh how I long for the days of hackers simply cracking password hashes. Defending against that technique required only three steps: First, protect your password hashes from being stolen. Second, use strong password hashes. Third, make your passwords long enough to prevent easy cracking.

These days, cracking password hashes is passé. Today's hackers are all about pass-the-hash (PTH) attacks. With PTH attacks, the bad guys steal the hashes -- either from the password-hash-storage databases or from memory -- and reuse them to create brand-new authenticated sessions.

