And i don't agree with that Not all encryptions are perfectly safe, but some are. You may have also noticed increasing amount of sites which demand password to contain at least 1 number and capital letter, to improve even the bad ones.
From end to start, the password guessing is in my opinion history already, unless system is built really bad. Admins will most likely get big red alarms after 5 wrong password attempts already, and ban the IP. They can shut it down if they see the attacks continuing on numerous IPs. Well, it doesn't require even admins, systems can prevent repeated attempts automatically usually.
If i was admin to such cloud server network, i'd use same IP whitelist for each server. As we know, the hackers were able to crack into something else than normal steam login because otherwise they wouldn't access all users at once. So, if each server only allows connections from other servers that are in the whitelist, wouldn't that solve everything? Admins themselves only need localhost connection to the server they are at. Allowing remote connection to big amount of data can be a root of problems. Even most server software (FileZilla FTP, Apache etc) lets admins only login from local network, by default.
Bookmarks