Managing User Account and Password Security Networking

Managing Accounts

First and foremost, you manage access to network resources through a user account and the rights given to that account. The network administrator is charged with the daily maintenance of these accounts. Common security duties include renaming accounts and setting the number of concurrent connections. You can also specify where users can log in, how often they can log in, at what times they can log in, how often their passwords expire, and when their accounts expire.

Disabling Accounts

When a user leaves the organization, you have three options:

_ Leave the account in place.
_ Delete the account.
_ Disable the account.

If you leave the account in place, anyone (including the user to whom it belonged) can log in as that user if they know that user’s password. Therefore, leaving the account in place is a security breach. Deleting the account presents its own set of problems. If you delete an account and then create a new one, the numeric ID associated with that user (UID in UNIX, SID in Windows Server) is lost. It is through this number that passwords and rights to network resources are associated with the user account. If you create a new user account with the same name as the user account you deleted, the identification number of the new account will be different from that of the old account, and thus none of the settings of the old account will be in place for the new account.

Your best practice is to disable an account until a decision has been made as to what should happen to it. Perhaps you’ll want to simply rename the account when a new person is hired. When you disable an account, it still exists but no one can use it to log in. You might also disable an account (rather than deleting it) if someone leaves for an extended period (for example, on maternity/paternity leave or medical leave). In most network operating systems, disabling an account involves changing a setting to say something like Account Disabled.

Disabling Temporary Accounts

Because of the proliferation of contract and temporary employees in the information technology industry, you need to know how to manage temporary accounts. A temporary account is used for only a short period (less than a month or so) and then disabled. Managing the accounts of temporary employees is easy. You can simply set the account to expire on the employee’s anticipated last day of work. The network operating system then disables, but does not delete, these accounts on the expiration date.

Setting Up Anonymous Accounts

Avoid using anonymous accounts for regular network access. If someone is using an anonymous account, you cannot track who manipulated a file. Windows NT/2000/2003 comes with the anonymous account Guest disabled. NetWare does not automatically create a guest account. You should not change these default setups. Some web servers create an Internet user account to allow anonymous access to the website. The Internet user account is automatically created and allowed to access the web server over the network. The password is always blank. You never see a request to log in to the server. This is done automatically. Without this account, no one would be able to access your web pages.

Do not rename the Internet user account or set a password. If you do so, the general public will not be able to view your website. If you want to secure documents, use another web server, secure HTTP, Windows NT domain and file security, or NetWare Directory Services security.

Limiting Connections

You may want to limit the number of concurrent connections a user account can have to the network. Users should normally be logged in to the network in only one instance because they can only be in one place at a time. If the system indicates they are logged in from more than one place, someone else might be using their account. When you limit concurrent connections to one, only a single user at a single workstation can gain access to the network using a particular user account. Some users, however, might need to log in multiple times in order to use certain applications or perform certain functions. In that case, you can allow the user to have multiple concurrent connections.

Limiting the location from which a user can log in can also be important, because typical users shouldn’t log in to the network from any place but their own workstation. Although this is true in theory, it is not often implemented in most corporations. Users move stations, often not taking their computers with them, or they have to log in at someone else’s station to perform some function. Unless you require really tight security, this restriction requires too much administrative effort. Both NetWare and Windows NT/2000/2003 can limit which station(s) a user is allowed to log in from; however, by default, user accounts are not restricted in this respect. This is probably acceptable in most cases. If you really want to tighten security, restrict users to logging in from their assigned workstations. By default, Windows NT/2000/2003 servers do not allow a regular user to log in at the console because most users should not be working directly on a server; they can do too much damage accidentally. In NetWare, the console interface is entirely different and is not used to access network resources, so this is not an issue.
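The two restrictions just described, a per-account concurrent-connection limit and a list of permitted workstations, can be modelled as a small session table. This is an added example, not code from the text or from any network operating system; the user names, workstation names and policies are constructed.

```python
"""Concurrent-connection limits and workstation restrictions, modelled as a
session table. Added example with constructed users and stations."""
from dataclasses import dataclass


@dataclass(frozen=True)
class AccountPolicy:
    max_sessions: int = 1                       # one place at a time, as the text recommends
    allowed_stations: frozenset = frozenset()   # empty means unrestricted (the usual default)


class SessionTable:
    def __init__(self, policies):
        self.policies = policies     # user -> AccountPolicy
        self.sessions = {}           # user -> list of stations currently logged in

    def login(self, user, station):
        """Return (allowed, reason). Station restriction is checked first, then the
        concurrent-connection limit; a login that passes both is recorded."""
        policy = self.policies.get(user, AccountPolicy())
        active = self.sessions.setdefault(user, [])
        if policy.allowed_stations and station not in policy.allowed_stations:
            return False, f"{user} may not log in from {station}"
        if len(active) >= policy.max_sessions:
            return False, f"{user} already has {len(active)} session(s); limit is {policy.max_sessions}"
        active.append(station)
        return True, "ok"

    def logout(self, user, station):
        self.sessions.get(user, []).remove(station)

    def shared_account_suspects(self):
        """Accounts logged in from more than one distinct station at once: the
        sign the text gives that someone else may be using the account."""
        return sorted(u for u, s in self.sessions.items() if len(set(s)) > 1)


# Constructed policies: a regular user, a user who legitimately needs several
# sessions, and a user pinned to an assigned workstation.
SAMPLE_POLICIES = {
    "jmorris": AccountPolicy(max_sessions=1),
    "dbadmin": AccountPolicy(max_sessions=3),
    "tsmith": AccountPolicy(max_sessions=1, allowed_stations=frozenset({"ws-07"})),
}

if __name__ == "__main__":
    table = SessionTable(SAMPLE_POLICIES)
    for user, station in [("jmorris", "ws-01"), ("jmorris", "ws-02"),
                          ("dbadmin", "ws-01"), ("dbadmin", "ws-02"),
                          ("tsmith", "ws-09"), ("tsmith", "ws-07")]:
        print(user, station, table.login(user, station))
    print("logged in from several stations:", table.shared_account_suspects())
```

The second `jmorris` login is refused because the limit is one; `dbadmin` is allowed several sessions but then shows up in `shared_account_suspects()`, which is the report an administrator would review rather than an automatic denial.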

Renaming the Maintenance Account

Network operating systems automatically give the network maintenance (or administration) account a default name. In Windows NT/2000/2003, this account is named Administrator; in UNIX, it is Root; and in NetWare, it is Admin. If you don’t change this account name, hackers already have half the information they need to break into your network. The only thing they’re missing is the password.

Rename the account to something innocuous or use the same naming convention that is used for regular users. For example, jmorris is a much better choice than super. Here is a list of common names that you should not use:

_ Analyst
_ Audit
_ Comptroller
_ Controller
_ Manager
_ Root
_ Super
_ Superuser
_ Supervisor
_ Wizard
_ Any variation on the above
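The account-management points above (disabled rather than deleted accounts keep their identifier, temporary accounts expire on a set date, and the maintenance account should not keep a well-known name) can all be checked from a UNIX-style account database. The following audit script is an added example, not part of the text; the passwd and shadow lines it reads are constructed sample data, and the hash values in them are placeholders.

```python
"""Audit a UNIX-style account database for disabled (locked) accounts, accounts
whose expiry date has passed, and UID 0 accounts still carrying a well-known
default name. Added example; sample data below is constructed."""
from datetime import date

# Names the text says the maintenance account should not keep (plus the three
# vendor defaults it names).
WELL_KNOWN_ADMIN_NAMES = {
    "analyst", "audit", "comptroller", "controller", "manager", "root", "super",
    "superuser", "supervisor", "wizard", "admin", "administrator",
}

# Constructed passwd lines: name:x:uid:gid:gecos:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
jmorris:x:1001:1001:J. Morris:/home/jmorris:/bin/sh
contractor1:x:1002:1002:Temporary contractor:/home/contractor1:/bin/sh
tsmith:x:1003:1003:T. Smith (on leave):/home/tsmith:/bin/sh
"""

# Constructed shadow lines: name:hash:lastchg:min:max:warn:inactive:expire:reserved
# Field 8 (expire) is days since 1970-01-01; the hashes are placeholders.
SAMPLE_SHADOW = """\
root:$6$PLACEHOLDERHASH:19000:0:99999:7:::
jmorris:$6$PLACEHOLDERHASH:19000:0:99999:7:::
contractor1:$6$PLACEHOLDERHASH:19000:0:99999:7::19100:
tsmith:!$6$PLACEHOLDERHASH:19000:0:99999:7:::
"""


def parse_passwd(text):
    """Return {name: uid}; the UID is the identifier that deletion would lose."""
    users = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            fields = line.split(":")
            users[fields[0]] = int(fields[2])
    return users


def parse_shadow(text):
    """Return {name: (hash_field, expire_day_or_None)}."""
    entries = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            fields = line.split(":")
            expire = int(fields[7]) if len(fields) > 7 and fields[7] else None
            entries[fields[0]] = (fields[1], expire)
    return entries


def is_locked(hash_field):
    """A '!' prefix is what usermod -L / passwd -l prepend when an account is
    disabled; '*' marks an account with no usable password. Either way the entry,
    and therefore the UID, survives, unlike deletion."""
    return hash_field.startswith(("!", "*"))


def audit_accounts(passwd_text, shadow_text, today=None):
    """Return lists of locked, expired and default-named privileged accounts."""
    today = today or date.today()
    today_days = (today - date(1970, 1, 1)).days
    uids = parse_passwd(passwd_text)
    shadow = parse_shadow(shadow_text)
    report = {"locked": [], "expired": [], "default_admin_names": []}
    for name, (hash_field, expire) in shadow.items():
        if is_locked(hash_field):
            report["locked"].append(name)
        # shadow(5): the account is inaccessible once today >= expire
        if expire is not None and expire <= today_days:
            report["expired"].append(name)
    for name, uid in uids.items():
        if uid == 0 and name.lower() in WELL_KNOWN_ADMIN_NAMES:
            report["default_admin_names"].append(name)
    return report


if __name__ == "__main__":
    for key, names in audit_accounts(SAMPLE_PASSWD, SAMPLE_SHADOW).items():
        print(f"{key}: {', '.join(names) or '(none)'}")
```

Run against real files it would read `/etc/passwd` and `/etc/shadow` (the latter needs root); `today` is a parameter so the expiry check can be exercised with a fixed date.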

Like any other aspect of network security, passwords must be managed. Managing passwords involves ensuring that all passwords for user accounts follow security guidelines so that they cannot be easily guessed or cracked, as well as implementing features of your network operating system to prevent unauthorized access.

Generally speaking, a strong password is a combination of alphanumeric and special characters that is easy for you to remember and difficult for someone else to guess. Unfortunately, many users try to make things easy on themselves and choose passwords that are easy to guess. Let’s look at some characteristics of strong passwords.

Minimum Length

Strong passwords should be at least eight characters, if not more. They shouldn’t be any longer than 15 characters so that they are easy to remember. You need to specify a minimum length for passwords because a short password is easily cracked. For example, there are only so many combinations of three characters. The upper limit depends on the capabilities of your operating system and the ability of your users to remember complex passwords. Users will forget passwords that are too long, so you must balance ease of remembrance with the level of security you need to implement.

The Weak List

Here are some passwords that you should never use:
_ Proper names
_ Any word in the dictionary
_ Birth dates
_ Anniversary dates
_ The word server
_ Any text or label on the PC or monitor
_ Any of the above with a leading number
_ Any of the above with a trailing number
_ Any of the above spelled backward
There are others, but these are the most commonly used weak passwords.

Using Characters to Make a Strong Password

Difficult-to-crack passwords do not have to be difficult to remember, and they should include a combination of numbers, letters, and special characters (not just letters, not just numbers, not just special characters, but a combination of all three). Special characters are those that cannot be considered letters or numbers (for example, $ % ^ # @). An example of a strong password is tqbf4#jotld. Such a password may look hard to remember, but it is not. You may remember the following sentence, which uses every letter in the English alphabet: The quick brown fox jumped over the lazy dog. Take the first letter of each word, put the number 4 and a pound (#) symbol in the middle, and you have a strong password. To consistently get strong passwords, you can use auditing tools, such as a crack program that tries to guess passwords. If you use strong passwords, the crack program should have great difficulty guessing them. Use special characters and numbers in the middle of the password, for example, under43gate@w#ay. Do not use just a regular word preceded by or ending with a special character. Good crack programs strip off the leading and trailing characters in their guessing attempts. Here are a few examples of strong passwords:

_ run4!cover
_ iron$steel4
_ four$score
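The rules in the Minimum Length, Weak List and strong-character sections above can be turned into a checker that an administrator runs before accepting a new password. This is an added example, not a tool from the text; the small word list it uses is a constructed stand-in for a real dictionary file (in practice you would load something like /usr/share/dict/words plus your site's own labels and names), and the checks for edge-only digits and reversed words follow the text's description of what crack programs do.

```python
"""Password checks implementing the guidelines above. Added example; the word
list is a constructed placeholder for a real dictionary."""
import re
import string

SPECIALS = set(string.punctuation)

# Constructed mini dictionary: common words, a proper name, and the kind of
# label found on a PC or monitor. Replace with a real word list in practice.
SAMPLE_WORDLIST = {"password", "server", "summer", "gateway", "morris", "dell", "monitor"}


def strip_edges(pw):
    """Drop leading and trailing digits/specials, as a crack program does
    before testing the remaining core word."""
    return pw.strip(string.digits + string.punctuation)


def check_password(pw, wordlist=SAMPLE_WORDLIST):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if len(pw) > 15:
        problems.append("longer than 15 characters")

    has_letters = any(c.isalpha() for c in pw)
    has_digits = any(c.isdigit() for c in pw)
    has_specials = any(c in SPECIALS for c in pw)
    for present, name in [(has_letters, "letters"), (has_digits, "digits"), (has_specials, "specials")]:
        if not present:
            problems.append(f"missing {name}")

    # Birth dates, anniversaries and plain numbers: only digits and separators.
    if re.fullmatch(r"[\d/.\-]+", pw):
        problems.append("looks like a date or a plain number")

    core = strip_edges(pw)
    # Weak-list check on the core word, forwards and spelled backward.
    if core.lower() in wordlist or core.lower()[::-1] in wordlist:
        problems.append("core word is a dictionary word, name or label (or one spelled backward)")

    # Digits/specials that only sit at the ends are exactly what edge-stripping removes;
    # require at least one inside the core.
    if (has_digits or has_specials) and not any(c.isdigit() or c in SPECIALS for c in core):
        problems.append("digits and specials only at the edges")

    return problems


if __name__ == "__main__":
    for candidate in ["tqbf4#jotld", "run4!cover", "summer1", "Server1!", "yawetag#", "05/12/1984"]:
        print(f"{candidate!r}: {check_password(candidate) or 'OK'}")
```

The text's own examples `tqbf4#jotld`, `run4!cover` and `iron$steel4` pass; `yawetag#` is caught because its core is `gateway` spelled backward, and `Server1!` is caught twice, once for the word and once because its digit and special character sit only at the end.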

Never write your password on a note and stick it under your keyboard or on your monitor. This is the most common network security breach.

All network operating systems (including NetWare, UNIX, and Windows NT/2000/2003) include functions for managing passwords so that the system remains secure and passwords cannot be easily hacked with crack programs. These functions include automatic account lockouts and password expiration.

Automatic Account Lockouts

To ensure that a password can’t be guessed by repeatedly inputting different passwords, most network operating systems have a feature that allows an account to be disabled, or locked out, after several unsuccessful login attempts. Once the lockout has been triggered on an account, the user cannot log in to that account even if the correct password is entered. This feature prevents a potential hacker from running an automated script to continuously attempt logins using different character combinations for the password.
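The lockout behaviour described above, including the point that a locked account refuses even the correct password, can be seen in a small authenticator. This is an added example, not code from the text or from any network operating system; the user, password and policy values are constructed, and the threshold, counting window and lockout duration are assumptions chosen for illustration (real systems expose these as administrator settings).

```python
"""Account lockout after repeated failed logins. Added example with a
constructed user; the policy values are illustrative assumptions."""
import hashlib
import hmac
import os
import time


class LockoutPolicy:
    def __init__(self, threshold=5, window=300, lockout_duration=None):
        self.threshold = threshold                # failures before the account locks
        self.window = window                      # seconds within which failures are counted
        self.lockout_duration = lockout_duration  # None: locked until an administrator resets it


class Authenticator:
    def __init__(self, policy, now=time.time):
        self.policy = policy
        self.now = now          # injectable clock so the behaviour can be tested
        self.users = {}         # name -> (salt, pbkdf2 hash)
        self.failures = {}      # name -> timestamps of recent failed attempts
        self.locked_at = {}     # name -> time the lockout started

    @staticmethod
    def _hash(salt, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, name, password):
        salt = os.urandom(16)
        self.users[name] = (salt, self._hash(salt, password))

    def is_locked(self, name):
        started = self.locked_at.get(name)
        if started is None:
            return False
        if self.policy.lockout_duration is None or self.now() - started < self.policy.lockout_duration:
            return True
        self.unlock(name)   # lockout period has elapsed
        return False

    def login(self, name, password):
        """Return (success, reason). A locked account is refused before the password
        is even examined, so the correct password does not help an attacker."""
        if self.is_locked(name):
            return False, "account locked"
        record = self.users.get(name)
        ok = record is not None and hmac.compare_digest(self._hash(record[0], password), record[1])
        if ok:
            self.failures.pop(name, None)
            return True, "ok"
        now = self.now()
        recent = [t for t in self.failures.get(name, []) if now - t <= self.policy.window]
        recent.append(now)
        self.failures[name] = recent
        if len(recent) >= self.policy.threshold:
            self.locked_at[name] = now
            return False, "account locked"
        return False, "bad password"

    def unlock(self, name):
        """Administrative reset (or automatic expiry of a timed lockout)."""
        self.locked_at.pop(name, None)
        self.failures.pop(name, None)


if __name__ == "__main__":
    auth = Authenticator(LockoutPolicy(threshold=3, window=60, lockout_duration=900))
    auth.add_user("jmorris", "tqbf4#jotld")
    for attempt in ["wrong1", "wrong2", "wrong3", "tqbf4#jotld"]:
        print(attempt, "->", auth.login("jmorris", attempt))
```

With a threshold of three, the third failure locks the account and the following attempt with the right password is still refused; the failure counter is cleared on a successful login so ordinary typos do not accumulate indefinitely.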