UNIX Password Changes

        By Dianna Laakso, UNIX System Administrator (dianna@unt.edu)

        Due to recent security compromises, UNIX System Management has begun periodic scans of all passwords for passwords that are easily guessable. Weak passwords can provide a door for intruders to initially enter a system,and begin an attack. For this reason it is imperative that users select passwords that are difficult to guess.

        If you are uncertain whether or not your password is a good password, read the guidelines that follow for help.

        When a weak password is found, the System Manager will notify the account owner via E-mail and ask that the password be changed immediately. Another check will be performed the following week, and all remaining weak passwords will be expired at that time with no further notice. If you do not receive E-mail,you may assume that your password is secure.

        We now provide a Web based utility for changing your password. This utility checks for weak passwords before changing the password. It is located at http://people.unt.edu/manage/

        Password Guidelines

        Good passwords are passwords that are difficult to guess. In general, good passwords:

        • Have both uppercase and lowercase letters
        • Have digits and/or punctuation characters as well as letters
        • Are easy to remember, so they do not have to be written down
        • Are seven or eight characters long
        • Can be typed quickly, so somebody cannot follow what you type by looking over your shoulder

        Suggestions for good passwords:

        • Take two short words and combine them with a special character or number (e.g. robot4my or eye-con)
        • Put together an acronym that's special to you, such as Notfsw (None Of This Fancy Stuff Works)

        To be secure, a password should not be any of the following:

        • Your name
        • Your spouse's name
        • Your parent's name
        • Your pet's name
        • Your child's name
        • Names of close friends or coworkers
        • Names of your favorite fantasy characters
        • Your boss's name
        • Anybody's name
        • The name of the operating system you're using
        • The hostname of your computer
        • Your phone number
        • Your license plate number
        • Any part of your social security number
        • Anybody's birth date
        • Other information easily obtained about you
        • Words such as wizard, guru, gandalf, etc.
        • Any username on the computer in any form
        • A word in the English dictionary
        • A word in a foreign dictionary
        • A place
        • A proper noun
        • Passwords of all the same letter
        • Simple patters of letters on the keyboard (e.g. qwerty)
        • Any of the above spelled backwards
        • Any of the above followed or prepended by a digit


        Previous Article <== ==> Next Article

        If you have any problems or questions about this server, contact us as soon us as soon as possible. You can send mail to the following address: www@unt.edu