changing your password

We have set up our CS Lab such that your password is the same on all machines. Technically, your password is kept on the server (allspice), and is propagated to the other machines.

To change your password, run the passwd command from any of the lab machines. After successfully changing your password on a lab machine, it will usually take 15-20 seconds to have it propagated to all of the other machines in the CS Lab.

if you forget your password

Try our self-service password reset service: password.cs.swarthmore.edu (Hit the "Forgotten Password" button, then enter your username and hit "Search")

If that doesn't work, just email local-staff. One of the sysadmins will get back to you and help you reset your password. If we don't know you, we will ask to see your Swarthmore ID.

choosing good passwords

Here are some helpful hints about choosing good passwords, taken from a document on UNIX Password Security by Walter Belgers (see below for full document):

Pick a password that consists of more than just upper- or lowercase characters, or only one capital (`seCret' is thus a bad password). It is preferable to use a non-alphanumeric character in the password (%,=,*, etc.). The use of control characters is possible, but not all control characters can be used, and it can give rise to problems with some networking protocols.

A few methods:

• Concatenate two words that together consist of seven characters and that have no connection to each other. Concatenate them with a punctuation mark in the middle and convert some characters to uppercase. Examples: `Pit+idEa', `plOVer#me'.
• Use the first characters of the words of a certain (not too common) sentence. When we use the sentence `My goldfish are called Justerini and Brooks!' as an example, we would get the password `MgacJaB!'. (Also in this case make sure you use an eight-character password with uppercase characters and/or punctuation marks.)
• Alternately pick a consonant and one or two vowels resulting in a pronounceable (and therefore easy to remember) word. Examples: `koDupaNy', `eityPOop'.

And here are a few rules on how not to choose a good password, also taken from the same document by W. Belgers:

Passwords that should NOT be used are e.g.:

• all English words and derivatives (so `laugh', `laughs', `laughing', etc.)
• all words from a foreign language (it is easy to get foreign dictionaries)
• words that can be found in the passwordfile itself like Walter, Belgers, gigawalt, etc.
• patterns like 123456, qwerty, etc.
• geographical names
• words from an encyclopedia (`Socrates')
• the license plate of a car, the roomnumber, the phonenumber or other things that have something to do with the owner of the account
• given names
• variations of these (walter, WALTER, retlaw, Walter, wAlter, walter0, walt3r, Retlaw4,...) Also take into account doubling words or adding a random character.

Finally, if you want more information on why it is important to choose a good password, please see this document on UNIX Password Security, written by Walter Belgers.