Password vulnerabilities in Linux

I DO NOT use my ROOT account's password, or I do not use ROOT at all (except for administrative tasks). Could the ROOT password be sniffed EVEN if it's NOT in use most of the time (in other words, IDLE)? If the ROOT account is left IDLE most of the time, will it be vulnerable to password attacks?

In other words, I change my password under my limited user account every 60 days. But I don't change the ROOT password, because I do not use it (ONLY for emergencies and stuff like that). My question is, will it be OK to just leave the ROOT password UNCHANGED and only change my user password every 60 days?

Hope this is clear.
jslayton01 asked:

ravenpl commented:
1. Your root password can only be sniffed while you type it (someone can sniff the network, look at your keyboard, read your mind, etc.). If you suspect someone could, change the password.

2. The password is stored in the /etc/shadow file hashed (one-way encryption). If an attacker can get the hash, it's easy for him to try to guess your password, hash it and match it against your /etc/shadow hash. In the case someone could have the hash, you should change your password even if you didn't use it once. Though reading /etc/shadow requires root privileges in the first place (or physical access to the machine).

3. The attacker can try to guess your password, and try to log in with it (this is the most common case for weak passwords). In this case, if you have a complicated enough password, you don't need to change it. Nobody knows, maybe changing it would in fact help the attacker.

I also hope, this is clear ;)
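The answer above turns on what actually sits in /etc/shadow: a per-user hash field whose `$id$salt$` prefix tells crypt(3) how to re-hash a candidate, plus the date of the last password change and the maximum age. The following is an added illustration, not code from the original thread, that parses a constructed shadow snapshot (the hash fields are placeholders, not real hashes) and reports which accounts are locked, which have never had an expiry, and which are past their maximum age. It assumes only the standard shadow(5) field layout, with the last-change field counted in days since 1970-01-01.

```python
"""Audit a /etc/shadow snapshot for locked accounts and stale passwords.

Added illustration for the thread above, not code from the original
post. The sample lines are constructed and the hash fields are
placeholders. Field layout assumed (shadow(5)):

    name:hashed_password:last_change:min:max:warn:inactive:expire:reserved
"""
import time

# Constructed sample; hash fields are placeholders, not real password hashes.
SAMPLE_SHADOW = """\
root:$6$saltsalt$PLACEHOLDERNOTAREALHASH:17000:0:99999:7:::
alice:$6$abc12345$PLACEHOLDERNOTAREALHASH:19760:0:60:7:::
carol:$y$j9T$abcdefgh$PLACEHOLDERNOTAREALHASH:19700:0:60:7:::
bob:!:19000:0:99999:7:::
daemon:*:18000:0:99999:7:::
guest::19700:0:99999:7:::
"""

# Hash-field prefix -> crypt(3) scheme. The salt sits between the second and
# third '$'. Login re-hashes the typed password with the same prefix and salt
# and compares the result, which is exactly what someone holding a copy of
# the hash can also do offline (point 2 in the answer above).
SCHEMES = {"$1$": "md5crypt", "$2b$": "bcrypt", "$5$": "sha256crypt",
           "$6$": "sha512crypt", "$y$": "yescrypt"}

NEVER = 99999  # conventional "no maximum age" value in the max field


def hash_scheme(field):
    """Name the hashing scheme used by a shadow password field."""
    for prefix, name in SCHEMES.items():
        if field.startswith(prefix):
            return name
    return "unknown"


def classify(line, today_days):
    """Return (user, status, age_in_days) for one shadow line."""
    fields = line.split(":")
    user, pw, lastchg, maxage = fields[0], fields[1], fields[2], fields[4]
    if pw == "":
        return (user, "empty-password", None)      # no password required at all
    if pw.startswith(("!", "*")):
        return (user, "locked", None)              # password login disabled
    if lastchg == "":
        return (user, "no-change-date", None)
    age = today_days - int(lastchg)
    if maxage == "" or int(maxage) >= NEVER:
        return (user, "never-expires", age)        # root in the question is here
    return (user, "expired" if age > int(maxage) else "ok", age)


def audit_shadow(text, today_days):
    """Classify every non-empty line of a shadow file snapshot."""
    return [classify(ln, today_days) for ln in text.splitlines() if ln.strip()]


if __name__ == "__main__":
    today = int(time.time() // 86400)
    for user, status, age in audit_shadow(SAMPLE_SHADOW, today):
        print(f"{user:8} {status:15} age={age}")
```

Run against a real file with `audit_shadow(open('/etc/shadow').read(), today)` as root; an unchanged root password shows up as `never-expires` with a large age, which is the situation the question describes.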

awoodby (Senior Technical Analyst) commented:
The root password can be sniffed if someone is on your network and you log in remotely via plaintext. So long as you never log in with telnet, ftp and the like as root, you're fine.

You CAN log in as root with ssh, it's well encrypted.

In fact, you should NOT be logging in with even your non-root password via telnet if you're concerned with security; once in with that username, an intruder can wreak havoc with that as well.

Use ssh, you can get putty for free (windows ssh program) or use native ssh if you're running a real OS :)

--alex
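Whether root can log in over SSH at all, and whether it can do so with a password rather than a key, is decided by `PermitRootLogin` and `PasswordAuthentication` in sshd_config. The following is an added illustration, not code from the original post, that reads a constructed sshd_config and reports the effective global values. It assumes the parsing rules from sshd_config(5): keywords are case-insensitive, a line starting with `#` is a comment, the first value found for a keyword wins, and everything after a `Match` line is conditional, so the reader stops there. The defaults assumed are OpenSSH's (`prohibit-password` and `yes`).

```python
"""Report root-login settings from an sshd_config.

Added illustration, not code from the original post. The config text
is constructed. Assumed rules follow sshd_config(5): keywords are
case-insensitive, '#' lines are comments, the FIRST value for a
keyword wins, and lines after 'Match' only apply conditionally.
"""

# Constructed sample, not a real host's configuration.
SAMPLE_SSHD_CONFIG = """\
# constructed sample
Port 22
#PermitRootLogin yes
PermitRootLogin prohibit-password
PasswordAuthentication yes
# a later duplicate is ignored because the first value wins
PermitRootLogin yes
Match User backup
    PasswordAuthentication no
"""

# OpenSSH defaults applied when a keyword is absent (assumed here).
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes"}


def effective_settings(text):
    """Return the global (pre-Match) effective value of each keyword in DEFAULTS."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        if key == "match":
            break                      # conditional section: stop the global read
        if len(parts) == 2 and key not in seen:
            seen[key] = parts[1].strip()   # first occurrence wins
    return {k: seen.get(k, d) for k, d in DEFAULTS.items()}


def root_password_login_allowed(text):
    """True only if root can authenticate over SSH with a password."""
    s = effective_settings(text)
    return s["permitrootlogin"] == "yes" and s["passwordauthentication"] == "yes"


if __name__ == "__main__":
    print(effective_settings(SAMPLE_SSHD_CONFIG))
    print("root password login:", root_password_login_allowed(SAMPLE_SSHD_CONFIG))
```

With the sample above root can still log in over SSH, but only with a key, because the first `PermitRootLogin` line says `prohibit-password`; the later `yes` is ignored. Point it at `/etc/ssh/sshd_config` to check a real host; `sshd -T` prints the fully resolved settings, Match blocks included, if the parser's global-only view is not enough.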