In this chapter we've discussed how UNIX identifies users and authenticates their identity at login. We've presented some details on how passwords are represented and used. We'll present more detailed technical information in succeeding chapters on how to protect access to your password files and passwords, but the basic and most important advice for protecting your system can be summarized as follows:
Use one-time passwords if possible.
Ensure that every account has a password.
Ensure that every user chooses a strong password.
Don't tell your password to other users.
Remember: even if the world's greatest computer cracker should happen to dial up your machine, if that person is stuck at the login: prompt, the only thing that he or she can do is to guess usernames and passwords, hoping to hit one combination that is correct. Unless the criminal has specifically targeted your computer out of revenge or because of special information that's on your system, the perpetrator is likely to give up and try to break into another machine.