logo
Blue team
User account sanity checks
  • Red team
  • Green team
  • Purple team
  • Indigo team
  • Broomstick Brief
  • Ty Myrddin
Initializing search
      • Blue team @SOC
      • Blue team for dev
      • Blue team @Home
      • IPA project
      • Bulletproofing servers
        • The wake-up call
        • Hardening Linux server
          • User account sanity checks
            • Configuring sudo
            • Disabling root access
            • Locking home directories
            • Configuring password complexity
            • Configuring other password requirements
            • Dangers of the lxd group
          • User account sanity checks
            • Configuring sudo
            • Disabling root access
            • Locking home directories
            • Configuring password complexity
            • Configuring other password requirements
            • Dangers of the lxd group
          • Remove unnecessary services
          • Preventing unauthorised access while respecting privacy
          • The CIA triad framework for security
          • Virtual network computing
          • Taming permissions, xattrs & the dangers of SUID/SGID
          • PKI: The beautiful mess of digital trust (and why nothing works properly)
          • From basic monitoring to intrusion detection
          • Continuous host monitoring and threat detection
          • Incident response plan
          • Troubleshooting
        • Hardening webserver
        • Smarter mail servers
      • Honeytech for humans

    User account sanity checksΒΆ

    The principle of least privilege states that each user should only have enough access to perform their daily tasks: configuration of sudo, using complex passwords, disabling root access and locking down home directories.

    Securing user accounts

    • Configuring sudo
    • Disabling root access
    • Locking home directories
    • Configuring password complexity
    • Configuring other password requirements
    • Dangers of the lxd group
    Last update: 2025-06-11 07:09
    Back to top
    Previous Hardening Linux server
    Next Configuring sudo
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7