$title = "Changing password - the passwd command"; $area = "Unix Support"; $metadata = "unix, password, passwd, security, forgotten"; $pfloc = ""; require '/usr/local/wwwdocs/ucs/fragments/header.phtml'; require '/usr/local/wwwdocs/ucs/fragments/header-bc.phtml'; ?>
You cannot use the initial password given to you when you register for Unix. You have to set it to something new.
Log in to any ISS Unix system: aidan or finan (the two central time sharing systems) can be used from any desktop computer which has a Telnet program (ISS PCs have both a Telnet program and the Exceed X-Windows program in the Communications group).
The prompt is:
login:
to which you type your login name (only) and press Return. You will then be asked for your password.
Unix is case-sensitive - if you type your login name or password wrongly, login will fail and you will get the same error message whether it is the password or the login name which is wrong. For example, if your password is Jim99iny and you type jim99iny, login will fail.
Type the command
passwd
(If you are using a Linux workstation use the yppasswd command instead of passwd).
You will be prompted to enter your present password and then your new password twice as a check for typing errors as no characters are shown on the screen as you type:
Current password:
New password (? for help):
New password (again):
On ISS systems the command forces you to choose a good password. It will not accept passwords that:
There are many Unix systems in the University which are not run by the ISS, and these may not enforce the same restrictions. Nonetheless when choosing a password for use on non-ISS systems it is clearly advisable to use the principles described above.
The ISS uses password-cracking programs, similar to those used by hackers, in order to detect weak passwords before the computer ciminals do. If we crack your password you have to change it.
If we have good reason to suspect that an account has been compromised, it is disabled. Unfortunately this causes the owner some inconvenience, but we believe that this is a smaller price to pay than the various potential consequences of leaving such an account open.
In general your password should be made up of the letters of the alphabet (in upper or lower case), numbers and punctuation marks (excluding the prohibited characters mentioned above).
A password is unsuitable if it is a word in a dictionary, a name, a birthday, a telephone number, a car registration number, a place name, a username, the name of a department, or any other personal information.
A password is also unsuitable if it can be "derived" from a word in a dictionary or from personal information. For that reason the following methods should be rejected:
Simply inserting a non-letter: charles3, !street, %jane8, bedrock+
Reversing a word: selrahc$, =teerts
Duplicating a word: kim1kim1, kim11mik, 1mik1mik
Making substitutions: j0hnj0hn, c0mput1ng
One way to choose a password is to think of a simple phrase you can easily remember, and then use the initial letters of the words in the phrase as your password. For example, the phrase "I have eight fingers and two thumbs" could be used to remember the password Ih8fa2t. (Don't use that one - find your own!)
Another method is to start from a long and very unusual place name, insert some punctuation characters, and then alter or remove some of the letters. For example, suppose you enjoyed a holiday last year in the Scottish Highlands. You might pick the name of a place that you visited, say, Kingussie. Inserting a punctuation character, removing a letter and truncating to eight characters might yield kin&gusi which would be a suitable, and (for you) a memorable password.
If you forget your password for any ISS service you need to go to ISS Reception and request that it be reset. You need some form of definite personal identification - your University SmartCard is preferred.
This is the only way that passwords are re-set: we will not change passwords in response to telephone or email requests. If you are unable to come in person to Reception, telephone [0191 222] 8039 for advice.
SAP users should note that passwords for PSE Management cannot be reset: please call the SAP Help Desk on 5999.
require '/usr/local/wwwdocs/ucs/fragments/footer.phtml'; ?>