You might have read before that my home network is far from safe due to the presence and the curiosity of my 9-year old son Grep:
Today I was called by a friend and colleague system administrator who regularly skypes with my son. He asked if I knew that my son knew my password on the home network. WTF? I keep that secret from him to avoid him logging in as me on the network and use sudo commands to circumvent the restriction I set for him. And of course keep from peeking in really confidential files I keep on the home server. I have installed NIS on the network, so he can login using my password from any workstation.
My son was quickly to admit that he held the password indeed, and also he told me how he discovered it. He also said he used it from his own computer and not mine so I would discover it in auth.log
. He had no desire as to keep it secret.
When I installed his mother's netbook at the time I booted into Windows 7 once to see if it was functional. I did not remove Windows 7, because if the netbook would ever need warranty repair, I wanted to show Asus I was running Windows, not Linux. I know service centers don't understand Linux and blame any defect on Linux.
When I started Windows for the first time I entered my user name and regular password. (Not smart!). Windows helps users with unsafe behavior. So I had to enter a hint for the password. OK, no problem to come up with some password, but it is a problem to remember it after 6 months. Therefor I used my regular password and also entered the correct hint.
One day my son was using (illegally) his mom's netbook and inadvertently started Windows. There was only one user (me) and when he didn't know the password he was hinted. The hint was My favorite candy
This didn't help him enough, but numerous times he has been looking over my shoulder when I was logging in on one of the workstations. They are routinely locked so I have to enter the password often
I can type quite fast, but not so fast he could not intercept the first 5 characters at some time. This combined with the Windows hint was enough for him.
PS: this message is about my son's hacking capabilities. Not about network security. It is OK to tell me that I should change the password regularly, not using the same password in multiple places, and not a dictionary word. Great. In that case please tell me how to memorize it. This I can't memorize: fl(*&CNkH097&--
. Not even: "IlmwsmIwnbh" (I love my wife so much I will never betray her). Believe me. Last month I forgot the root password of my home server, which I have been using for 8 years. It consists of upper case, lower case, punctuation and numerics. It took me two days before enough synapses had been reconnected in my brain to restore it. Scary.