Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Node:Password Advice, Next:, Previous:Changing Your Password, Up:Password Management


Password Advice

Your password can include almost any character you can type (except control keys and the "enter" key). A good password is one you can remember, but that no one else can easily guess. Examples of bad passwords are words that can be found in a dictionary, any common or popular name, especially a famous person (or cartoon character), your name or username in any form (e.g., forward, backward, repeated twice, etc.), your spouse's, child's, or pet's name, your birth date, your social security number, and any sample password that appears in this (or any other) manual. MIT recommends that your password be at least 6 characters long, and contain UPPER- and lower-case letters, numbers, and/or punctuation marks. Some passwords that would be good if they weren't listed in this manual include:

  • some initials, like "GykoR-66." for "Get your kicks on Route 66."
  • an easy-to-pronounce nonsense word, like "slaRooBey" or "krang-its"
  • a misspelled phrase, like "2HotPeetzas!" or "ItzAGurl!!!"

Note: don't actually use any of the above passwords. They're only meant to show you how to make up a good password. Passwords that appear in a manual are the first ones intruders will try. Kerberos V5 allows your system administrators to automatically reject bad passwords, based on certain criteria, such as a password dictionary or a minimum length. For example, if the user jennifer, who had a policy "strict" that required a minimum of 8 characaters, chose a password that was less than 8 characters, Kerberos would give an error message like the following: 

     shell% kpasswd
     Password for jennifer:  <- Type your old password here.
     
     jennifer's password is controlled by the policy strict, which
     requires a minimum of 8 characters from at least 3 classes (the five classes
     are lowercase, uppercase, numbers, punctuation, and all other characters).
     
     Enter new password:  <- Type an insecure new password.
     Enter it again:  <- Type it again.
     
     kpasswd: Password is too short while attempting to change password.
     Please choose another password.
     
     Enter new password:  <- Type a good password here.
     Enter it again:  <- Type it again.
     Password changed.
     shell%

Your system administrators can choose the message that is displayed if you choose a bad password, so the message you see may be different from the above example.


 
 
  © 1985-2006 by the Massachusetts Institute of Technology - Reproduced with permission. Design by Interspire