Differences between revisions 28 and 29
Revision 28 as of 2020-11-05 14:34:18
Size: 2325
Editor: superuser
Comment:
Revision 29 as of 2023-03-14 09:55:42
Size: 2503
Editor: superuser
Comment:
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
== How to choose a good password ==
A password should be 10 characters or longer. A practical approach for choosing a new passwords is to
=== Connect to login server ===
 
In order to change your password, you have to connect to the server ''login.lst.uni-saarland.de'' via ssh.
To do so just open a console (command promt, terminal, etc.) and type the following command:
Line 7: Line 9:
 (Log in to login.lst.uni-saarland.de)  ssh <your_username>@login.lst.uni-saarland.de
}}}

=== How to choose a good password ===

After logging in, you can create a new password with the command apg - Pick one!

{{{
Line 10: Line 19:
Line 12: Line 22:
== How to change your password ==
To change your password please log in with !SecureShell (ssh) to 'login.lst.uni-saarland.de' and enter the command "passwd".
=== Change your password ===

Finally, use the ''passwd'' command to change the password to either a generated password or one you choose.
Line 16: Line 27:
 ssh <your-username>@login.lst.uni-saarland.de

How to change your LST password

Connect to login server

In order to change your password, you have to connect to the server login.lst.uni-saarland.de via ssh. To do so just open a console (command promt, terminal, etc.) and type the following command:

 ssh <your_username>@login.lst.uni-saarland.de

How to choose a good password

After logging in, you can create a new password with the command apg - Pick one!

 apg -a0 -MNLC -t -m10 -x10

Passwords generated this way will take on average approximately 64 years to be broken by a 8xTitan-X GPU cluster node.

Change your password

Finally, use the passwd command to change the password to either a generated password or one you choose.

 passwd

In case of a "kerberos" messages, please log out and log in and try again.

More information on passwords

A password should be

  • kept secret
  • changed on a regular basis
  • not be easy to guess by others (like your Matrikelnummer or 'klausi1' for instance)
  • new, do not reuse your old password(s)!

Diceware

A very good way to create hard to guess, yet easy to remember passwords (or passphrases) is to employ the "diceware" method using real world, physical dice. In short

  • roll 5 dice 6 times,
  • look up the word which corresponds to the result using an existing list of words,
  • repeat until you have 6 words.
  • Your 30 dice rolls yielded ~77 bits of entropy which is now encoded in the 6 words you chose.

A more detailled description including word lists for many languages can be found here:

http://world.std.com/~reinhold/diceware.html

Mini FAQ

Q: If I use more than 10 characters I am more secure, right?
A: No, not really. Currently we consider a 10 random character password "safe", but feel free to use longer passwords. Please consider that there are other ways to attack your account besides a brute force password attack. Be aware of the fact that there is no perfect security.
https://xkcd.com/538

Q: How about passwords I use on the Internet with my web browser?
A: We recommend using a password manager/password generator, like "keepassx", to create and store long (>30 chars) random passwords. We also recommend using the built in web browser password storage, but it is mandatory to use a strong (see above) master password (Firefox: Preferences -> Security -> Change Master Password) when doing so!

public: Password (last edited 2023-03-14 09:55:42 by superuser)