Passwords

When your account was created, you were given an initial password. The first thing you should do is to change the password using the yppasswd command. It is important to choose a password that can not be easily guessed. Don't imagine that this matter is unimportant just because you have nothing sensitive or valuable in your account. Unix servers are favorite targets of hackers, because they can use them as a base of operations for attacking other computers. Therefore it is important for all of our users to take security seriously.

Your password should be 7 or 8 characters long. Avoid choosing a password that is an English or foreign-language word, a person's or pet's name, your login name, your social security number, etc. Note that upper and lower case letters are distinguished in Unix passwords. Punctuation as well as control characters (other than Backspace, control-U and Enter are allowed too. More suggestions are available in the document Selecting Good Passwords

If you would like to be reasonably sure that your password is strong enough to resist casual hacking, you should vist the Password Checker page, which will evaluate the strength of your password.

If you would rather not deal with the yppasswd command yourself, you should use the cryptpass web page, which will do the following:

1. It gives you the opportunity to check the strength of your new password, via the Password Checker page.
2. It gives you instructions for safely forwarding your new password to our system administrators, who will install your new password at the earliest opportunity.

Note that the first time you visit this URL, you will be asked to accept a security certificate from the site. This is because cryptpass uses a secure connection to prevent your mail session from being snooped. Your proper response is to accept the certificate permanently, answering ``yes'' to all questions in this dialog.)

Important note: Most email is insecure and unencrypted. You should never send a password to somebody via email. (This also applies to social security numbers, credit card numbers, and so forth.)