< Previous | Contents | Next >
Root Password
The installer prompts for a password (Figure 4.6, “Root Password” [page 72]) since it automatically creates a super-user root account. The installer also asks for a confirmation of the password to prevent any input error which would later be difficult to adjust.
Figure 4.6 Root Password
The Administrator The root user’s password should be long (eight characters or more) and impossible Password to guess, since attackers target Internet-connected computers and servers with au- tomated tools, attempting to log in with obvious passwords. Sometimes attackers
leverage dictionary attacks, using many combinations of words and numbers as pass- words. Avoid using the names of children or parents and dates of birth, because these are easily guessed.
These remarks are equally applicable to other user passwords but the consequences of a compromised account are less drastic for users without administrative rights.
If you are lacking inspiration, don’t hesitate to use a password generator, such as pwgen (found in the package of the same name, which is already included in the base Kali installation).
The Administrator The root user’s password should be long (eight characters or more) and impossible Password to guess, since attackers target Internet-connected computers and servers with au- tomated tools, attempting to log in with obvious passwords. Sometimes attackers
leverage dictionary attacks, using many combinations of words and numbers as pass- words. Avoid using the names of children or parents and dates of birth, because these are easily guessed.
These remarks are equally applicable to other user passwords but the consequences of a compromised account are less drastic for users without administrative rights.
If you are lacking inspiration, don’t hesitate to use a password generator, such as pwgen (found in the package of the same name, which is already included in the base Kali installation).