direkt auf einer Sun

Das Passwort auf den von der RBG betreuten Suns kann mit dem Befehl passwd geändert werden. Dazu muss der Befehl in einer shell auf einer Sun aufgerufen werden.

bilbo{hugo} passwd
passwd: Changing password for hugo
Enter existing login password:
New Password:
Re-enter new Password:
passwd: password successfully changed for hugo
passwd: credential information changed for hugo

Die Fragen nach dem alten und 2 mal nach dem neuen Passwort müssen beantwortet werden. Das neue Passwort muss sich um mindestens 3 Zeichen von dem alten Passwort unterscheiden. Wenn die beiden unteren Zeilen ausgegeben werden hat die Passwortänderung erfolgreich geklappt.

von einer remote Shell aus

Wenn das Passwort von einer remote Shell aus geändert werden soll, muss vor dem Aufruf des passwd Befehls noch das Kommando keylogin aufgerufen werden.

Zu diesem Thema gibt es einen guten Text vom Unabhängigen Landeszentrum für Datenschutz Schleswig-Holstein.

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein: Passwort und Passphrase

 

Desweiteren gibt es folgenden englischsprachigen Text:

Selecting Passwords

The object when choosing a password is to make it as difficult as possible for a cracker to make educated guesses about what you've chosen. This leaves him no alternative but a brute-force search, trying every possible combination of letters, numbers, and punctuation. A search of this sort, even conducted on a machine that could try one million passwords per second (most machines can try less than one hundred per second), would require, on the average, over one hundred years to complete. With this as our goal, and by using the information in the preceding text, a set of guidelines for password selection can be constructed:

• Don't use your login name in any form (as-is, reversed, capitalized, doubled, etc.).
• Don't use your first or last name in any form.
• Don't use your spouse's or child's name.
• Don't use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the brand of your automobile, the name of the street you live on, etc.
• Don't use a password of all digits, or all the same letter. This significantly decreases the search time for a cracker.
• Don't use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.
• Don't use a password shorter than six characters.
• Do use a password with mixed-case alphabetics.
• Do use a password with nonalphabetic characters, e.g., digits or punctuation.
• Do use a password that is easy to remember, so you don't have to write it down.
• Do use a password that you can type quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by watching over your shoulder.

Although this list may seem to restrict passwords to an extreme, there are several methods for choosing secure, easy-to-remember passwords that obey the above rules. Some of these include the following:

• Choose a line or two from a song or poem, and use the first letter of each word. For example, In Xanadu did Kubla Kahn a stately pleasure dome decree becomes IXdKKaspdd.
• Alternate between one consonant and one or two vowels, up to eight characters. This provides nonsense words that are usually pronounceable, and thus easily remembered. Examples include routboo, quadpop, and so on.
• Choose two short words and concatenate them together with a punctation character between them. For example: dog;rain, book+mug, kid?goat.

New passwords should be at least five characters long, if they combine upper-case and lower-case letters, or at least six characters long if in monocase. Users that persist in entering shorter passwords are compromising their own security. The number of significant characters in a password is eight, although longer passwords will be accepted.