System Security and Passwords

System security relies heavily on user passwords being difficult to
guess and on not being left in places where others can seem them written
down.  If your password can be easily guessed or otherwise obtained,
complete strangers with malevolent purpose can cause you, and other
users and the system extreme damage.

While we can, and have, implemented several systems and hired additional
staff to improve system security, it is important that YOU choose a
secure password and keep it secure.

As a matter of course, any account whose password has been guessed will
receive a single warning to change the password to a more secure
password.  If the warning is ignored, the account will be frozen.
Accounts that have been guessed or otherwise compromised by Information
Systems or other users will be frozen to prevent unauthorized access.
Your account's security is your responsibility.  What happens within
your account as a result of using an insecure password is also your
responsibility.

Following the guidelines below will result in a password more secure
than most.

        o   Use a password of 6 to 8 characters in length
        o   Use at least one upper case letter
        o   Use at least one lower case letter
        o   Use at least one numeric character
        o   DO NOT use passwords which contain words or names regardless
            of the language!
        o   DO NOT write your password down!
        o   DO NOT share your account with anyone else!

A secure password may be obtained by using the following method:

        1.  Select a phrase from a song or a quote which has a special
            meaning for you so it will be easy to remember.
        2.  Take the first letter of each word from the selected text.
        3.  Replace letters with numbers where appropriate or add
            numbers within the text
        4.  Change the case of one or more letters to upper case in a
            manner which will be easy for you to remember.
        5.  Add additional numbers or letters to make the length at
            least 6 characters long or remove excess characters from the
            beginning or end.
        
        For example:
        
            "Three blind mice, see how they run" could become "3Bm,sHTr"
        
        NOTE:  This is an example, please DO NOT use it!

Passwords may be changed on any AIX site using the "passwd" command.

Although passwords are one-way encrypted, the system password file is
readable by everyone.  Information Systems is working toward a
technology that will not make the password field available to the users.

For more information about security and passwords, please refer to the
system policies via the "policy" command and previous system news
postings via the "sysnews" command.