Passwords: The Basics
Passwords are the most common way to prove your identity online. However, they need to be strong to protect your accounts. Here's what you need to know:
Best Practices:
Use longer passwords (at least 8 characters).
Mix it up with numbers, upper and lower case letters, and symbols.
Avoid common words or simple substitutions.
Never reuse the same password for different accounts.
Change your passwords regularly.
Why Passwords Matter
Using weak or easily guessable passwords can put your accounts at risk. Attackers have many tricks up their sleeves to crack them.
Password Managers to the Rescue
Password managers like KeePass, LastPass, and 1Password can make life easier:
KeePass: Keeps your passwords in a secure, encrypted database, so you only need to remember one strong password.
To install: brew install --cask keepassxc
LastPass: Manages passwords online, across devices. It also offers convenient browser plugins and mobile apps.
1Password: A competitor to LastPass. Some prefer it due to its security features.
Public Key Authentication: The Advanced Way
For a higher level of security, you can use public key authentication. Here's how it works:
SSH (Secure Shell): Uses public key authentication to allow passwordless access to remote hosts.
Steps to Set Up SSH:
1. Generate SSH keys with ssh-keygen -t rsa -b 4096.
2. Copy your public key to the SSH server with scp.
3. Append the public key to authorized_keys.
4. Adjust file permissions with chmod.
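Simple SSH key generation
# Generate SSH keys. Use the default file and empty passphrase for the keys.
# -t rsa makes the key land in ~/.ssh/id_rsa, the file name used below.
ssh-keygen -t rsa -b 4096
# Copy public key to SSH server
scp ~/.ssh/id_rsa.pub <HOST_NAME>:
# SSH to host
ssh <HOST_NAME>
# Append public key to authorized_keys (run on the remote host)
mkdir -p ~/.ssh
cat id_rsa.pub >> ~/.ssh/authorized_keys
rm id_rsa.pub
# Restrict permissions so only the owner can read or change these files
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys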
Note: The private key should remain secret and have restricted file permissions.
Advantages of Public Key Authentication:
Enhanced security through cryptographic keys.
Passwordless and non-interactive access.
Avoids the risk of password cracking.
Disadvantages of Public Key Authentication:
More complex setup.
If the private key is compromised, it's a security risk.
Tips and Tricks
Simplify login to different hosts using SSH config files.
Set defaults for hosts so you don't need to enter the same details repeatedly.
Sample SSH Config File:
Host my_host
    Hostname ec2-42-42-42-42.us-west-2.compute.amazonaws.com
    User ec2-user
    # IdentityFile must point to the private key, not the .pub file
    IdentityFile ~/.ssh/id_rsa
Now, you can connect with ssh my_host effortlessly.
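An added example, not part of the original page: a shell function that audits an SSH directory for loose permissions on the directory, private keys and authorized_keys, and for an IdentityFile entry that names a .pub file instead of the private key. The function names (mode_of, has_bits, audit_ssh_dir) are hypothetical.

```shell
# Added example, not from the original page. Function names are hypothetical.
# Print the octal mode of a path (GNU stat first, then BSD/macOS stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed if any permission bit in the octal MASK is set on PATH.
has_bits() {  # usage: has_bits PATH MASK
    [ $(( 0$(mode_of "$1") & 0$2 )) -ne 0 ]
}

# Print one line per finding; return non-zero if anything was found.
# The number of findings is left in the global variable "findings".
audit_ssh_dir() {
    dir=$1
    findings=0
    report() { echo "FINDING: $*"; findings=$((findings + 1)); }

    # The directory itself should be owner-only (chmod 700).
    if has_bits "$dir" 077; then report "$dir is accessible by group/other"; fi

    # Private keys should be owner-only (chmod 600 or stricter).
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" | grep -q 'PRIVATE KEY-----' && has_bits "$f" 077; then
            report "private key $f is accessible by group/other"
        fi
    done

    # authorized_keys must not be writable by group/other.
    if [ -f "$dir/authorized_keys" ] && has_bits "$dir/authorized_keys" 022; then
        report "$dir/authorized_keys is writable by group/other"
    fi

    # IdentityFile must name the private key, never the .pub file.
    if [ -f "$dir/config" ] &&
       grep -Eiq '^[[:space:]]*IdentityFile[[:space:]=]+.*\.pub[[:space:]]*$' "$dir/config"; then
        report "$dir/config has an IdentityFile pointing at a .pub file"
    fi

    [ "$findings" -eq 0 ]
}
```

Run it as audit_ssh_dir "$HOME/.ssh" on both the client and the server account; a clean directory prints nothing and returns 0.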
Deliverable: Create SSH keys, add the public key to an SSH server, and test logging in without a password.
So, choose your authentication method wisely: passwords for simplicity or public keys for enhanced security. Stay safe online!