Figure 4.4 Using SQLdict to run a dictionary attack on the sa account in SQL Server.
hackers will probably try that as well. And finally, track failed login attempts so that you are alerted if a password-cracking tool is used.
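One way to track failed logins for this purpose, as an added example that is not from the original text: the script below scans log text for failed-login entries and reports any client and login pair that fails repeatedly within a short window. The log line layout, the threshold of five failures and the 60-second window are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

def make_line(ts, user, client):
    # Constructed line imitating a SQL Server error-log failed-login entry.
    return (f"{ts}.10 Logon       Login failed for user '{user}'. Reason: Password "
            f"did not match that for the login provided. [CLIENT: {client}]")

# Constructed sample: six rapid 'sa' failures from one client, plus two
# widely spaced failures that look like an ordinary mistyped password.
SAMPLE_LOG = "\n".join(
    [make_line(f"2024-03-01 02:14:{s:02d}", "sa", "192.0.2.10") for s in range(0, 12, 2)]
    + [make_line("2024-03-01 02:20:00", "appuser", "198.51.100.7"),
       make_line("2024-03-01 02:45:00", "appuser", "198.51.100.7"),
       "2024-03-01 02:46:00.10 spid51      Starting up database 'tempdb'."]
)

FAILED_LOGIN = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'.*\[CLIENT: (?P<client>[^\]]+)\]"
)

def find_bursts(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return one (client, user, peak_count, first_seen) tuple for every
    client/login pair with at least `threshold` failures inside `window`."""
    recent = defaultdict(deque)   # (client, user) -> timestamps still in window
    alerts = {}                   # (client, user) -> (first_seen, peak_count)
    for line in log_text.splitlines():
        m = FAILED_LOGIN.match(line)
        if not m:
            continue              # not a failed-login entry
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        key = (m["client"], m["user"])
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            first, peak = alerts.get(key, (q[0], 0))
            alerts[key] = (first, max(peak, len(q)))
    return [(c, u, peak, first.isoformat(sep=" "))
            for (c, u), (first, peak) in sorted(alerts.items())]

if __name__ == "__main__":
    for client, user, peak, first in find_bursts(SAMPLE_LOG):
        print(f"ALERT: {peak} failed logins for '{user}' from {client} since {first}")
```

Widely spaced failures, such as the two for the constructed `appuser` login, stay below the threshold and produce no alert.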
Here are some simple dos and don'ts:
Do:
Use a password with mixed-case letters.
Use numbers in your passwords. I like the method that takes vowels and replaces them with numbers; it is good and easy to remember. For example, take a word such as malicious and replace vowels with numbers to get the password m2l1c108s. Don't use only this method, though, because a human hacker can try to guess at these if they see that you always use this method. Also, don't always map the vowels to numbers in the same way.
Use punctuation marks within your passwords.
Use passwords with at least six characters, and a minimum of eight is even better.
If possible, choose a password that can be typed quickly and that cannot be easily guessed if someone looks over your shoulder.