Passwords


Password Security

You are given a personal user identifier (or logon name) to authorise your use of DAMTP computer systems. This identifier is for use ONLY by yourself, and you are required to set a secret password to prevent other persons from using it. Please observe the following guidelines for choosing a password and keeping it secret. It is vitally important that computer hackers are denied access to your computer facilities. A hacker discovering your password could:

  • delete all your files or, even worse, make subtle changes to your programs or data files
  • impersonate you by sending false electronic mail

A most serious danger is that a hacker, having gained access to the local network using a stolen password, could then go on to exploit other security loopholes and cause widespread damage to files on multiple computers, both within DAMTP and elsewhere. Even if the hacker does no apparent damage, there will still be major disruption to services while computers are being reloaded with fresh, reliable copies of the operating system software.

Choosing a Password and How To Change Your Password

Instructions about changing your password. You will be asked to type your existing password and your new password twice for confirmation. Choose a password of between six and eight characters, containing letters, numbers and punctuation characters. Do not use your name or initials, your logon name, your telephone number, a common English or foreign word, or any of these reversed or repeated. Programs exist which can crack such passwords.

Use something like 747!aDa (the use of upper and lower case letters is recommended and a mix is required). You might choose two short unrelated words and join them together with punctuation: dat?Swan. Another technique is to use the initial letters of a phrase (but one that is not too well known): Ptotlbl (do not use any of these example passwords yourself!).

The department's password changing program performs some checks on the new password to try to reduce the chances of your password being one of those which is easy to guess. The set of checks it performs is:

  • it may not be a palindrome
  • it may not be similar to your old password
  • it must not contain your login name
  • it must be at least 6 characters long
  • passwords must contain a mix of types of character. This test is fairly complex: each character is considered to be in one of 4 classes (lower case letters, upper case letters, digits, and punctuation). Firstly, the number of classes used added to the length must reach a threshold (9 at the moment), so shorter passwords must use more classes. In addition, there must be at least 3 transitions of class, so that the password looks more mixed up.

If the system doesn't like your new password it will print a message which should explain what it doesn't like; it may also suggest adding characters from classes which you aren't using.
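The checks listed above, sketched in Python as an added example; this is not the department's password changing program. It assumes that a transition means two adjacent characters of different class, that any non-alphanumeric character counts as punctuation, and that "similar" means a difflib ratio of 0.7 or more (the page defines none of these); the old password and login name in the demo are constructed.

```python
import string
from difflib import SequenceMatcher

THRESHOLD = 9            # length + classes used ("9 at the moment")
MIN_LENGTH = 6
MIN_TRANSITIONS = 3
SIMILARITY_LIMIT = 0.7   # assumed: the page does not define "similar"
ALL_CLASSES = {"lower", "upper", "digit", "punctuation"}

def char_class(ch):
    """Map a character to one of the four classes named on the page."""
    if ch in string.ascii_lowercase:
        return "lower"
    if ch in string.ascii_uppercase:
        return "upper"
    if ch in string.digits:
        return "digit"
    return "punctuation"  # assumed: everything else counts as punctuation

def check_password(new, old, login):
    """Return the reasons for rejecting `new`; an empty list means accepted."""
    problems = []
    classes = [char_class(c) for c in new]
    used = set(classes)
    # Assumed reading: a transition is two adjacent characters of different class.
    transitions = sum(a != b for a, b in zip(classes, classes[1:]))
    similarity = SequenceMatcher(None, new.lower(), old.lower()).ratio()

    if new == new[::-1]:
        problems.append("is a palindrome")
    if similarity >= SIMILARITY_LIMIT:
        problems.append("too similar to old password")
    if login and login.lower() in new.lower():
        problems.append("contains login name")
    if len(new) < MIN_LENGTH:
        problems.append("shorter than 6 characters")
    if len(new) + len(used) < THRESHOLD:
        unused = ", ".join(sorted(ALL_CLASSES - used)) or "none"
        problems.append("length + classes below 9; unused classes: " + unused)
    if transitions < MIN_TRANSITIONS:
        problems.append("fewer than 3 class transitions")
    return problems

if __name__ == "__main__":
    # Constructed old password and login name; samples are the page's examples.
    for sample in ("747!aDa", "dat?Swan", "Ptotlbl"):
        print(sample, check_password(sample, "qW3#rTy9", "xyz99"))
```

Under these assumptions 747!aDa and dat?Swan are accepted, while Ptotlbl meets the threshold of 9 (7 characters plus 2 classes) but is rejected for having only one class transition.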

If you have any problems selecting a new password please contact help [help@damtp.cam.ac.uk] for more information.

Keeping your password secret

Do not keep using the password given to you initially. Set a new personal password when you first log on. Do not write your password down, do not let anyone watch you typing it in, and do not keep a copy on the computer!

You must not give your password to anyone else for whatever reason. If you wish to share information with a colleague there are ways of doing this safely without compromising your password. If in doubt ask a Computer Officer.

THE FOLLOWING IS EXTREMELY IMPORTANT!!!

Do not use your DAMTP password on remote computer systems, including the Central Unix Service (CUS), Public Workstation Facility (PWF), Isaac Newton Institute, Earth Sciences, or any other facility.

Otherwise, if your password is discovered by a spy on a remote system, it could be used to attack DAMTP computers, and similarly, a stolen DAMTP password could be used to attack other computers to which you have access.

This is a most important rule. Please obey it and help to protect your computing facilities.


Last updated on 2000-June-30 by jp107 [jp107@damtp.cam.ac.uk].

