Sun Java System Web Proxy Server 4.0.3 2006Q2 Administration Guide

Choosing Strong Passwords

You use a number of passwords with your server: the administrative password, the private key password, database passwords, and so on. Your administrative password is the most important password of all, since anyone with that password can configure any and all servers on your computer. Your private key password is the next most important. If someone gets your private key and your private key password, they can create a fake server that appears to be yours, or intercept and change communications to and from your server.

A good password is one you will remember but others will not guess. For example, you could remember MCi12!mo as “My Child is 12 months old!” An example of a bad password is your child’s name or birthday.

Creating Hard-to-Crack Passwords

Some simple guidelines will help you create a stronger password. It is not necessary to incorporate all of the following rules in one password, but the more rules you use, the better your chances of making your password hard to crack. Some tips: