I've a question about the usefulness of password cracking programs.
One of the system administrators at a supercomputing center where we
run our programs has the Crack software continuously running in
background on a supercomputer. We've complained that this is simply
eating up valuable supercomputer time and he counters that it is
absolutely essential for maintaing the security of the supercomputing
center. (Note: There is no military research being done at this site and
very little industrial research.)
Now, I'm just a normal user and do not know much about computer security.
So, can someone explain to me whether or not this is a normal procedure
at supercomputer centers? Does this really increase the security level?
If someone were to crack the password of a normal user, would this pose
more than a local problem? (I realize that if the root password were
cracked you could have serious problems.) How do other computer centers
deal with the problem of users using easy to crack passwords?
Also, if anyone has experience with the Crack software -- about how much
cpu-time would be needed to check 2,000 passwords? How often do normal
system administrators run the Crack software?
Thanks for any help!