DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Force Username for Administration

More
03 Dec 2009 23:44 #59185 by admin
Replied by admin on topic Force Username for Administration
But it's not two layers. It's the same layer, just split into two.

Using similar examples to earlier if you have a password

12345678

To crack it, you have to guess a sequence of 8 numbers.

Alternatively, if you had two passwords:

1234 and 5678

Then you still have to figure out 8 numbers but it happens
to be split into two pairs. The probability is the same. In
either case, making the passwords longer makes the
password(s) stronger, but assuming the same number
of digits, it's the same number of permutations.

It only becomes two layers if the data is submitted in a
different way, or from a different source or with a different token,
not when the two parts are of identical type/source.

Chip + PIN on your cashcard is two layer, for example.



Forum Administrator

Please Log in or Create an account to join the conversation.

More
03 Dec 2009 23:46 #59186 by admin
Replied by admin on topic Re: Interesting

Churchill wrote: if the default user name was changeable then the potential chances of being attacked would be less.....I think? So more of a deterrent ?



Having a changeable username (let's say 'Fred') would make it more secure, but so would adding 'Fred' to the beginning of the password.

The code in the router is still just checking 'n' characters entering into a browser dialogue box.



Forum Administrator

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami