NRAO Public Wiki Passwords/Passphrases
Nobody wants to think much about passwords; they're a hassle and a pain to remember, especially if you have dozens of them.
This little topic aims to help you when it comes to your NRAO Public Wiki Password.
What's a Passphrase?
It's a "password" with multiple words. When creating a new passphrase to replace an old, short password, you can choose to use spaces or not. See this picture to find out why we want you to use a phrase instead of a word.
What are the rules?
They are quite simple, really.
- Use a good passphrase (see below).
- If you get a request from the NRAO Information Security Officer, an NRAO Computing Division Head or an NRAO Systems Administrator to change your password, please do so within 2 business days. Or reset it if you've forgotten it.
- If asked and you do not change your password within those 2 days, your password will be reset.
- Minimum password length on this wiki is 15 (so you really should use a phrase instead; easier to remember, easier to type).
These rules are set by NRAO's Computing Security Policy. They apply to all NRAO passwords, not just those on the public Wiki.
How do you know if my password is weak?
We run an integrity check on all NRAO account passwords on a weekly basis (wiki and other). "Good" passwords will not be "cracked" or found out by this check. Weak ones will.
What makes a good passphrase?
- Try this passphrase generator. Repeatedly, if you want; when you find one that you think is particularly amusing, invent a silly story to visualize it.
- A good passphrase will have at least three words, preferably four.
- It's ok to have four or more dictionary words in a passphrase, as long as it's not a very well known phrase like "a piece of cake".
IF YOU STICK WITH A PASSWORD:
Your password is the Observatory's first line of defense against intruders. It benefits everyone if you take a few minutes to choose a really good password that you can remember but other people can't easily break, even if you're the only one who'll ever use your computer.
- Never use proper names or nicknames! Pet names are as easy to guess as proper names. Never use a word which comes from a dictionary, in any language. Many people have made dictionaries of profanities, slang, popular television and movies, etc., in many languages. Do not use acronyms, e.g., TGIF. There are many dictionaries of those.
- Do not use a name of an Astronomical object, e.g., NGC2167, GR030329, etc. Do not use anything related to NRAO. Do not use anything which might be in some list (like Astronomical objects).
- Make your password 15 or more characters long (see above for passphrase).
- Don't use an obvious combination such as a car model and its year; those are particularly easy to crack, and we've seen several people around here use such passwords (when they got cracked by our routine weekly testing). Amateur radio call signs are also a bad choice.
- Use a random mixture of upper and lower case, numerals, and punctuation. Today's password-cracking programs are very sophisticated, and computing power to run them is cheap and readily available to the "black hats" (the bad guys), so simply appending a numeral or capitalizing a word or name won't stop them. Substituting a zero for the letter "O", or a one for the letter "I" won't buy you much either.
- A dictionary word with a single character (number, letter, punctuation mark) either in front or at the end is very easy for a cracking program to guess. You need to do better than that! (Use the passphrase generator above.)
- Don't combine unrelated words to form the password, e.g., "weLLcar"; and don't choose a common phrase and make an acronym out of it, e.g., "take a walk on the Wild Side" would become "tawotWS".
- NEVER tell anyone else your password. There are NO EXCEPTIONS to this rule. The sysadmins don't need it (they have "superuser" privileges) and we will never need to ask you for it. If you use the wiki's "Reset Password" function to get a temporary password via e-mail, you should change the temporary password as soon as possible thereafter to a more personal passphrase you can easily remember.
- If for some reason you believe your password has been found out by someone, change it immediately.
What can and can't you have in a password?
For the NRAO public wiki, all characters are valid except: Backspace, Tab, Enter, Delete, @, #, and control characters (e.g. pressing the Control key while subsequently pressing another key).
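The length and character rules above, together with the "dictionary word plus one character" and zero-for-O / one-for-I patterns called out earlier, can be checked before a password is submitted. The following is an added example, not NRAO's own checking code; the function names and the tiny word list are assumptions constructed for illustration.

```python
import unicodedata

MIN_LENGTH = 15            # minimum length stated on this page
FORBIDDEN = set("@#")      # printable characters the wiki rejects
# Constructed stand-in for a real cracking dictionary (assumption).
SAMPLE_WORDS = {"password", "observatory", "telescope", "mustang"}
# The zero-for-O and one-for-I swaps the page says won't buy you much.
UNLEET = str.maketrans({"0": "o", "1": "i"})


def invalid_characters(candidate):
    """Return the characters the wiki would reject: @, # and control characters."""
    # Unicode category Cc covers Backspace, Tab, Enter, Delete and Ctrl+key codes.
    return [ch for ch in candidate
            if ch in FORBIDDEN or unicodedata.category(ch) == "Cc"]


def is_mangled_dictionary_word(candidate, words=SAMPLE_WORDS):
    """True for a listed word, even with changed case, 0/1 substitutions, or a
    single extra character in front or at the end."""
    forms = {candidate, candidate[1:], candidate[:-1]}
    return any(form.lower().translate(UNLEET) in words for form in forms)


def check(candidate, words=SAMPLE_WORDS):
    """Return the list of rule violations; an empty list means none were found."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if invalid_characters(candidate):
        problems.append("invalid character")
    if is_mangled_dictionary_word(candidate, words):
        problems.append("dictionary word")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not real passwords.
    for sample in ["Mustang1", "0bservat0ry!", "tab\tseparated words here",
                   "copper lantern drifts sideways"]:
        print(repr(sample), check(sample))
```

An empty result only means these three checks passed; it does not replace the rest of the advice on this page.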
Can you generate one for me?
You can use the ResetPassword form to have the wiki itself generate one for you. However, because that new password is sent to you in a clear text e-mail, you need to change it thereafter to a passphrase you can easily remember, one that is only typed in to the secure ChangePassword
I Want to Change my Password
Then go to ChangePassword. But bear in mind the advice above!
I FORGOT MY PASSWORD - HELP!
You can reset your password on the ResetPassword topic. A new one will be sent to your registered e-mail address. You should then change this using ChangePassword.