In order to change the password of an accont, its old values must be known. The password can be changed by entering
in a terminal window. We request that the password fulfills certain security standards. Short words, and ones occuring in a dictionary (or variations thereof) are not allowed. Characters from at least three of the four character classes
- capital letters: [A-Z]
- lower case letters: [a-z]
- digits: [0-9]
- all other characters
must occur in any acceptable password, and it must be at least 8 characters long. Passwords which do not meet these requirements are rejected with an explaining error message.
Forgotten passwords can be reset by the computer lab in U5-142, but we request that you prove your identity.
Each account is equipped with two passwords, an internal and an external one. Normally, they are identical, to set them differently, please contact us.
The purpose of the two passwords is explained in the following.
The internal password is required for logging into any Linux computer in a faculty office or the computer pool. If the correct internal password is entered, the user is granted a Kerberos ticket, which is then used to access a variety of services without further authentication. Such a ticket is also called a credential. A valid Kerberos ticket is essential for the functioning of most services related to the account, including the login itself. The internal password can also be used for logging into the remote servers ssh and ssh2, in which case a Kerberos ticket is granted there as well, with the same benefits. If the external password is used there, however, the login is accepted, but not Kerberos ticket is granted. It is then not possible to connect to other faculty computers without entering a password again, or to access e-mail without authentication.
With the external password you can log into the remote servers ssh and ssh2, and use the mail services of the faculty (with password authentication). All web-logins, such as webmail, only accept the external password. However, some web-services of the faculty have their own user-management; the normal accounts cannot be used with those.
With the external password, former faculty members and external users can use all IT services which can be accessed remotely.