Trusted Solaris User's Guide

Change Password

Change Password lets you change your password. Frequently changing passwords shortens the window of opportunity for intruders using illegally obtained passwords; thus, your site's policy may require you to change your password regularly. Your administrator has a number of options for changing your password:

If your administrator has implemented one of the options requiring you to change your password, you should receive a message warning you to change your password prior to the cutoff date. You will be required to change your password by one of two methods, depending on your site's security policy

To Change Passwords by Direct Entry

  1. Select Change Password from the Trusted Path menu.

    You access the Trusted Path menu by holding down the right mouse button while the pointer is over the switch area in the Front Panel.

  2. Choose a new password.

    It must meet the following criteria:

    • The password must be 8 characters in length. (More than 8 characters can be entered but only the first 8 characters are significant.)

    • The password must contain at least two alphabetic characters and at least one numeric or special character.

    • The new password must differ from your previous password; you cannot use a reverse or circular shift of the previous password. (For this comparison, upper case letters and lower case letters are considered to be equal.)

    • The new password must have at least three characters different from the old. (For this comparison, upper case letters and lower case letters are considered to be equal.)

    • It should be difficult to guess. Do not use a common word or a proper name, as individuals attempting to break into an account occasionally use lists to try to guess users' passwords.

  3. Type your old password in the Change Password dialog box and click OK.

    Figure 4-7 Change Password Dialog Box

    Graphic

    This confirms that you are the legitimate user associated with this user name. For the sake of security, the password is not displayed as you type it.


    Caution - Caution -

    When you enter your password, make sure that the cursor is over the Change Password dialog box and that the trusted path symbol is displayed. If the cursor is not over the dialog box, you can inadvertently type your password into a different window where it could be seen by another user. If the symbol is not displayed, then someone may be attempting to steal your password and you should notify your security administrator at once.


  4. Type the new password in the Change Password Confirmation dialog box and click OK.

    Figure 4-8 Change Password Confirmation Dialog Box

    Graphic

  5. Type the new password in the Change Password Reconfirmation dialog box and click OK.

    Figure 4-9 Change Password Reconfirmation Dialog Box

    Graphic

    This step confirms your choice.

  6. Click the OK button in the dialog box (not shown) that notifies you that the change has been made.

To Change Passwords by Choosing from a List

Your administrator has the option to require users to select new passwords from lists of system-generated passwords. Trusted Solaris 8 generates passwords that are pronounceable but difficult for intruders to guess.

  1. Select Change Password from the Trusted Path menu.

    A dialog box requesting your current password is displayed (see Figure 4-7). After you enter your password and click OK, a dialog box similar to the one shown below is displayed (if your system is configured for system-generated entry). The Password Generator dialog box provides you with a choice of five unique system-generated passwords. The pronunciation mnemonic shown in parentheses to the right of each password divides the password into syllables to make it easier to remember.

    Figure 4-10 Password Generator Dialog Box

    Graphic

  2. Read the five password choices.

    1. If you want to use one of these choices, enter it in the confirmation field and press Enter or click OK.

      This step establishes your choice.

    2. If you want to select from a different set of choices, leave the confirmation field blank and press Enter or click OK.

      This step causes five new selections to be displayed. If one of these selections is suitable, enter that choice and press Return or click OK; otherwise repeat this step to get five new selections.

  3. After you are prompted for the password again, re-enter your choice in the confirmation field and press Enter or click OK.

    This step confirms the spelling of your choice and gives you practice at entering it. It closes the dialog box.

To Choose a Password from a List at the Command Line

A command line version of the password generator is provided as an alternative to the Password Generator Dialog Box. Note that this version is available to users in administrative roles only.

  1. Type passwd

    A set of five generated password choices as follows.

    Select password from list:
          rocskovi          [ rocs-kov-i ]
          phuzpeca          [ phuz-pec-a ]
          bephzoba          [ beph-zo-ba ]
          eblircit          [ e-blirc-it ]
          yeaskedo          [ yeas-ke-do ]
    
    Type password to confirm,
    or Return for more choices:

  2. Read the five password choices.

    1. If you want to use one of these choices, enter it and press Enter.

      This step establishes your choice.

    2. If you want to select from a different set of choices, press Enter without making an entry.

      This step causes five new selections to be displayed. If one of these selections is suitable, enter that choice and press Return; otherwise repeat this step to get five new selections.

  3. After you are prompted for the password again, re-enter your choice in the confirmation field and press Enter.

    This step confirms the spelling of your choice and gives you practice at entering it.