CSEE Help Pages
Introduction Unix Windows Tutorials Policies

Passwords: Choosing and Changing

Passwords are the basic unit of security in most computer systems and networks, and that's certainly true here at CSEE.

We recommend that people change their password at least every six months. This should be done immediately if the password is compromised (if someone sees you typing it, if you login to OGI from a remote site and are not sure about their level of security, or any other situation where its security might be compromised).

How do I choose a good password?

A good password is one which makes it as difficult as possible for someone to iterate through dictionary words to try to "guess" it. In the past, OGI CSEE has had numerous problems of crackers exploiting poor passwords to break into our machines.

Our systems now require that your new password meet certain criteria:

  1. It must consist of 6, 7, or 8 characters. For most Unix systems, only the first eight characters are significant.

  2. It must be composed of at least two characters from two of the following character sets, plus at least one character from a third set:

    1. Upper-case letters: A - Z
    2. Lower-case letters: a - z
    3. Numerals: 0 - 9
    4. Punctuation: @, ^, (, etc.

    Alternatively, you can have a single character from each of these four sets but the total length must be >6 characters.

A good password should not have any information that can be easily guessed about you.

A Warning

If you have a Windows account as well as a Unix account, you should be aware that, unfortunately, our Windows and Unix passwords are not served from a single data source. As a result, you'll have to change them separately. This will change when an LDAP system is implemented, but that change has not been effected yet.

Effecting the Change

To change your Unix password (which is also the password you supply to check your e-mail)

  1. Use ssh to login to login.

  2. Launch the yppasswd utility:

    login% yppasswd

  3. You will be prompted to enter your old password.

  4. You will be prompted to enter your new password. Then you'll be asked to confirm it by typing it again.

To change your Windows password

  1. Log in, if you haven't already, to the CSEE domain.

  2. Press Ctrl + Alt + Del.

  3. Choose 'Change Password' in the resulting dialog box and proceed from there.

That should do it!

You can get more tips about picking a good password by reading Selecting Good Passwords from the book Improving The Security Of Your Unix System by David A. Curry.

OHSU :: OGI :: CSEE :: Support :: CSEE :: Unix

This page was most recently revised on February 03, 2006.
Please address questions or comments to the webmaster.