|
Jeff wrote: > Seriously though, you should start worrying when these 'attacks' > stop, cause that means the password may have been cracked! That's a good point. Hopefully the regular password expiration scheme should limit the time a profile will stay compromised for. > If the display device and times of the attempts are consistent > enough to be predictable, a secreted webcam or observation is > an option. 'Discrete' cameras are now so cheap and small that this is a realistic option. Another strategy, if it's one particular profile that's being attacked, might be quietly to create a new production profile for that user. Keep the old profile alive but limit its access to anything useful. Set the password of the old profile to something trivial or 'accidentally' leave it on a PostIt Note by the user's terminal. Then try to catch the old profile signed on. This strategy, of course, will cease to be viable as soon as the attacker realises that the target profile has changed. Dave... "The sooner we get behind schedule, the more time we will have to make it up." -- Anon Construction Superintendent ======================================================= The opinions expressed in this communication are my own and do not necessarily reflect those of my employer.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.