“High-profile data breaches at companies like British Airways and Marriott get a lot of media coverage, but cybercriminals are increasingly going after community groups, schools, small businesses, and municipal governments.”
Adding an extra layer of security to your online accounts is a fundamental step to protect your digital life from hackers, but what’s the point if the new methods are just as vulnerable as the old ones? But let’s back up for a second.
Selected by Galigio via Computer Borders
One of the primary vehicles used by bad guys to access our systems is stealing log-in credentials in order to impersonate real users. All the security processes and tools in the world are circumvented when someone has your username and password.
That’s where two-factor authentication (2FA) comes into play. 2FA works by adding another authentication challenge to the equation. It’s not just about what you know – your password, it’s also about something you have. That’s where the authenticator apps from Microsoft and Google come into play.
Selected by Galigio via Computer Borders
If you are a Linux user, particularly Ubuntu, and are the only person that uses your computer, sometimes the fact that your operating system constantly requires for your password every time you log in, then at a certain moment you might want to decide to get rid of it. All you need to do is to follow the next steps carefully and you will be ready to go.
- Run a new terminal. This is essential, since, as you already know, every important command and feature of Ubuntu and Linux in general must be done in this way
- Run the command ‘sudo visudo’. This will at first require the current root password, as every line starting with ‘sudo’ does.
- Type the root password and hit return
- A new document will now open in your terminal, which will require some editing. Specifically, a new line should be added in the end of this document. This line is ‘username ALL=NOPASSWORD:ALL’. As you can guess, this will make your operating system stop asking about your root password every time you log in, regardless of the user you use for this process.
- Save the edited document and make sure the changes are active.
- Restart your computer and check to see whether you can log in without your root password.
As you can see, getting rid of the root password is a rather easy process and sometimes it will save you a lot of time. However, make sure you only do this if you are the only person who uses your account on your operating system, because otherwise your security will be exposed.
It happens sometime that you can’t remember root password. On Linux, recovering root password can be done by booting Linux under a specific mode: single user mode.
This tutorial will show how to boot Linux in single user mode when using GRUB and finally how to change root password.
During normal usage, a Linux OS runs under runlevels between 2 and 5 which corresponds to various multi-user modes. Booting Linux under runlevel 1 will allow one to enter into a specific mode, single user mode. Under such a level, you directly get a root prompt. From there, changing root password is a piece of cake.
Some Linux distribution, such as Ubuntu for instance, offer a specific boot menu entry where it is stated “Recovery Mode” or “Single-User Mode“. If this is your case, selecting this menu entry will boot your machine into single user mode, you can carry on with the next part. If not, you might want to read this part.
Using GRUB, you can manually edit the proposed menu entry at boot time. To do so, when GRUB is presenting the menu list (you might need to press ESC first), follow those instructions:
– use the arrows to select the boot entry you want to modify.
– press e to edit the entry
– use the arrows to go to kernel line
– press e to edit this entry
– at the end of the line add the word: single
– press ESC to go back to the parent menu
– press b to boot this kernel
The kernel should be booting as usual (except for the graphical splash screen you might be used to), and you will finally get a root prompt (sh#).
Here we are, we have gained root access to the filesystem, let’s finally change the password.
As root, changing password does not ask for your old password, therefore running the command:
will prompt you for your new password and will ask you to confirm it to make sure there is no typo.
That’s it, you can now reboot your box and gain root access again.
Today, in our Linux Page (in Spanish) we posted a post about Ophcrack: a Linux Live CD which allows you to recover your Windows password when you forgot them. Sincerely, the described above situation is not common but it could really happen especially when you do not use a PC for some time or if you want to help a friend who is not so skilled with its own computer. Ophcrack is easy to use, sufficiently fast and effective. I tested it to recover some passwords on an old laptop and the results were very interesting; in fact I was able to recover password from accounts I totally forgot to own. Useful! This post has been written just for informative purpose! Please, remind that you are directly responsible for any law violation you commit in case of misuse of the information contained above.