Hardening Debian - Strong Root Password

The root password must be strong enough that it is not lost to an attacker. Otherwise, the entire system can be considered compromised. This section guides you through setting up a strong root password.

Identified Threat

These are the identified threats related to the root password.

(T-08) Weak Root Password Compromises Entire OS

When a weak password is set for the root account, it is easily compromised, allowing an attacker to gain full access to the operating system.

(T-09) Same Root Password as Other Services' Passwords Opens the Way for Easier Password Compromise

When a strong root password is also used as the password for other services (same password across multiple services), it becomes vulnerable as soon as one of those services' passwords is compromised.

Actions Required

These are the actions available as countermeasures.

Create a Strong, Non-Shared Root Password

The root password must not be shared and must be very strong: readable by a human but intellectually challenging to remember. One example would be:

#1 Password (Weak)
#2 Passphrase (Weak)
you aren’t getting my password!!!
#3 Passphrase (Strong)
Y0u Ar6n’t_Get1ing My P@$sw0rd!!!
#4 Password (Strongest)
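
An added example (not part of the original page): a Python check that audits a candidate root password against T-08 and T-09 and generates a random one that passes. The 16-character minimum, the four-character-class rule, the symbol alphabet and all function names are assumptions chosen for illustration; under them, passphrase #2 above is flagged and #3 passes.

```python
import hmac
import secrets
import string

MIN_LENGTH = 16  # assumed policy value, not stated on the page

def missing_classes(password):
    """Return the character classes absent from the password."""
    checks = {
        "lowercase": any(c.islower() for c in password),
        "uppercase": any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "symbol": any(not c.isalnum() and not c.isspace() for c in password),
    }
    return [name for name, present in checks.items() if not present]

def is_shared(candidate, other_passwords):
    """T-09: True if the candidate equals any other service's password."""
    cand = candidate.encode("utf-8")
    # compare_digest avoids leaking the match position through timing
    return any(hmac.compare_digest(cand, p.encode("utf-8")) for p in other_passwords)

def audit_root_password(candidate, other_passwords=()):
    """Return a list of findings; an empty list means the candidate passes."""
    findings = []
    if len(candidate) < MIN_LENGTH:
        findings.append(f"T-08: shorter than {MIN_LENGTH} characters")
    for name in missing_classes(candidate):
        findings.append(f"T-08: no {name} character")
    if is_shared(candidate, other_passwords):
        findings.append("T-09: already used for another service")
    return findings

def generate_root_password(length=24):
    """Draw a random password from the OS CSPRNG until it passes the audit."""
    alphabet = string.ascii_letters + string.digits + "!@#$%^&*-_=+"
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not audit_root_password(candidate):
            return candidate

if __name__ == "__main__":
    weak = "you aren’t getting my password!!!"      # the page's example #2
    strong = "Y0u Ar6n’t_Get1ing My P@$sw0rd!!!"    # the page's example #3
    print(audit_root_password(weak))
    print(audit_root_password(strong))
    print(audit_root_password(strong, other_passwords=[strong]))
```
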

One can read the following materials to learn how to create a strong password:

That's all for setting a strong root password when hardening Debian.