Author Topic: Hardening Security wattOS R8  (Read 5652 times)

biffster

  • wattOS - head nerd
  • Administrator
  • Sr. Member
  • *****
  • Posts: 237
    • View Profile
Hardening Security wattOS R8
« on: May 26, 2014, 12:34:13 AM »
I have discovered that the shadow passwords option are not enabled by default after install on wattOS R8.

You don't "have" to change, but using shadow passwords is considered a best practice, and something that should be used on most modern systems unless there is a specific reason to not. Its an option on a typical new advanced Debian install to turn it on or not.

Your passwords are still SHA-512 hashed as they should be, but enabling shadow passwords moves the information to a more secure - root accessible only shadow file

The good news is that its really easy to change.

Open a terminal and enter the command

'sudo pwconv'

enter your password, and its done. I suggest then rebooting and continue working as usual. You will likely not encounter any differences or issues.