Changing passwords

Passwords are crucial both to the security of your account and to the security of the entire system. Therefore, it is recommended that you change your password often. To change your pasword, type:

> yppasswd
You will be prompted for your old password once and your new password twice. Make your password at least 6 upper and lower case numbers and letters. Do not use any control characters, as the system sometimes has problems with them. The password cannot resemble any word in any language. This includes reversed and truncated words. If you attempt to use such words, they will most likely be rejected.

 If you are getting an "RPC Server Error" when trying to change your password, send email to ncerta@uic.edu to reset your password to your UIN (please include UIN and full name) . This should fix the error.


Choosing Good Passwords
Source: Charles H. Buchholtz (chip@eniac.seas.upenn.edu)
Choose a password that is hard to guess.  "Guess", in this context,
refers to a password guessing program that can try hundreds of
passwords in a minute.  Such programs usually try, in order,
variations of your name, a list of commonly chosen passwords, and
words from the English language.  

Passwords should be at least six characters long; 8 is a good length.
I recommend the following methods for choosing passwords:

        + choose two short words and join them with a symbol, like
                "big$deal"
        + choose a phrase, and then use the first letters; for
                example, "A stitch in time saves nine": "asits9"
        + choose an address that you have never lived at, like
                "219S.45th"
        + use letters, numbers, and symbols to make a phrase, such as
                "2b|~2b" (To be or not to be)

Don't use any of the passwords given above.

Do not give out your password.  This includes using that password for
an account outside of the University.  A clever way to get passwords
is to advertise a Bulletin Board System or a network game of some
sort, ask people who join to choose a password, and then use those
passwords to try to break into their other accounts.  Or someone could
ask you to use a program that they wrote, which prompts you to enter
your password.

And don't set your password to anything that you don't make up
yourself.  For instance, someone could fake a posting from the Systems
Administrator, saying "Everyone change your password to 'asits9'", and
then break into everyone's account.


 
Department of Electrical and Computer Engineering
University of Illinois at Chicago
©Copyright Oct. 2012