Kerberos caveats (2)

• Kerberos vulnerable to password guessing attacks

• Choose good passwords!
• Use hardware pre-authentication
• Hardware tokens, Smart cards etc