Passwords
Written by Scott Ostrander   
Friday, 21 January 2011 13:52

Frequently Asked Questions About Passwords

  • How do I change my password(s)?
To update your NIS/LDAP password, log onto shell.cs.utah.edu, and run:
yppasswd
This will change your password across all the *nix machines in the department.  Note that some systems run caching daemons and it may take upwards of 10 minutes for the old password to expire from the cache.
To change your Active Directory password log onto shell.cs.utah.edu and run:
smbpasswd -r sodom.cs.utah.edu
We regularly run our password database against various password crackers.  If your password is vulnerable, your account will be locked without warning. 
  • How do I pick a secure password?
A good strategy it to pick a phrase that you can remember and then use the first letter of each word in the phrase.  Modify it with uppercase, numbers, and symbols. e.g.
all good dogs go to heaven
Could become: 
Agdg2h!*
Make sure your password (for NIS) is 8 chars in length.  Anything longer gets truncated. Do not pick a proper noun or a word from any language! Even permutations of words will most likely be caught by the password cracker.
You may also test your password at the PasswordMeter orYetAnotherPasswordMeter. These are just two of many.  Google for others.
  • How do I to test my own password to see if it is crackable?
John the Ripper is Open Source software.  You can run it against this word list: /uusoc/facility/contrib/tag/john/8chr.lst.  You may get your passwd via the getent command on shell.cs.utah.edu.
  • What if I've forgotten or need to reset my password?
There is a web front end with options for NIS/*nix (shell.cs, Linux systems, email, web, etc.) and Active Directory (Windows, VPN) that let you sync your local passwords to your uNID's password.

Do not email support to ask for your current password.  It is encrypted and we cannot decipher it for you.  Never respond to an email that asks for your password.  It is a phishing scam.  We'll never ask for your password.