This subchapter looks at passwd, a Unix (and Linux) command.
This subchapter also includes the list of the 100 worst (most commonly used) passwords.
As mentioned in the previous subchapter, you should change your password from the original default or assigned password to a secure password that nobody else knows. And please dont leave the new password on a sticky note attached to your computer.
This subchapter looks at passwd, a Unix (and Linux) command.
passwd is used to change your password.
This subchapter also includes the list of the 100 worst passwords (100 most commonly used passwords).
setting your password
Type passwd followed by the ENTER or RETURN key.
You will be prompoted to give your current (old) password (to make sure it is really you) and then prompted to enter your new password twice. For security purposes, the password is typically replaced with asterisks or some other character so that nobody can read your password over your shoulder. To make sure that you have typed what you thought you typed you are asked to type the new password twice. The two copies must match before your new password replaces your old password.
The password set by passwd is your local password. On a single user system, this is probably your only password.
On Mac OS X the use of the passwd may or may not be sufficient to change your password for the entire system. This depends on which version of Mac OS X you are using. It is best to change your password using the install disc. If you do not have a copy of the install disc, there are instructions on the internet on how to manually change the password.
On a large system, there may be multiple passwords spread across multiple computers. The passwd command will only change the password on the one server that you are currently logged into (normally through SSH). You may need to use yppasswd or a web interface to change your password for the entire system.
You can check for your account or username in /etc/passwd. If its not listed there, then dont use the passwd. Check with your system administrator.
Whenever you first login into a new system, the first thing you should do is change your password. In particular, immediately change the initial root password for a new system. Leaving the initial default password is a huge security hole and hackers do try all of the standard default passwords to see if they can find an easy way into a computer. Even with a user account, it is common for initial passwords to be generated poorly and be easy for hackers to guess.
Additionally, you want to change your password on a regular basis. It only takes a few months to figure out a password through brute force attacks. Some systems require that you change your password on a regular basis. Once a month is a good time period. More often if you suspect that someone saw you typing or there is any other possibility that your password might have been compromised.
You can set up your account to remind you to change your password on a regular basis. If you are the system administrator, you can set up these reminders for everyone (and should do so). As system administrator you can even require that users change their passwords on a regular basis (or they become locked out and have to come to you to beg for re-entry). As system administrator you can also set up a system that requires (or even suggests) secure passwords.
100 most common passwords
Always avoid the common passwords. These are the most common passwords as of June 2012:
Approximately 4.7% of all users have a password of password. 8.5% have one of the top two passwords. 9.8% (nearly one tenth) have one of the three top passwords. 14% have one of the top 10 passwords. 40% have one of the top 100 passwords. 79% have one of the top 500 passwords. 91% have one of the top 1,000 passwords.
It is important to have secure passwords.
The more characters, the more secure. A minimum of six or eight characters is barely adequate.
A strong mixture of characters for a password includes at least one capital letter, at least one lower case letter, at least on digit, and at least one punctuation character. You should avoid repeating any character more than once in the same password. The special character (such as !@#$%^&*,;) should not be th efirst or last character in the password.
Avoid using any word that occurs in your own or any other natural langauge. Hackers use a dictionary attack that tries words from the dictionary. Also avoid spelling words backwards, using common misspellings, or using abbreviations. Avoid using dates that are important to you (someone can easily look up your birthday or anniversary on the world wide web). Avoid using names of family, friends, or even pets.
A technique that generates decent passwords is to use a key phrase and then use the first letter of each word in the keyword. Sprinkle in digits and special characters (punctuation) and make some of the letters upper case and some lower case.
Never use the same password for more than one purpose. People have the tendency to reuse the same password over and over. If a hacker gets your password from one system, the hacker will see if it also works on your bank account and other systems.
The super user (root) can use the passwd command to reset any other users password. There is no prompt for the current (old) password.
$ passwd username
The super user (root) can also remove a password for a specific user with the -d option. The disable option then allows the specified user to login without a password. This applies to Linux and Solaris only.
$ passwd -d username
On November 8, 2010, Ramesh Natarajan named this the number 34 most frequently used Unix/Linux command at this web page 50 Most Frequently Used UNIX / Linux Commands (With Examples).
comments, suggestions, corrections, criticisms
free music player coding example
Coding example: I am making heavily documented and explained open source code for a method to play music for free almost any song, no subscription fees, no download costs, no advertisements, all completely legal. This is done by building a front-end to YouTube (which checks the copyright permissions for you).
View music player in action: www.musicinpublic.com/.
Create your own copy from the original source code/ (presented for learning programming).
This section is under the category of owning cirticism.
In response to a posting about my article collecting social media, Moderator +Andrew Smith (Technology addict, Web Developer, API guru, futsal and football wannabe, and all round nice guy!, Swordfox Design, arrowtown, new zealand) of the Google+ community Web Developers, Web Designers, Web Coding claims Quite frankly this is self promotion, and your site is not of great quality. I can see how +Joost Schuur would think this of not high enough a standard.
Because I no longer have the computer and software to make PDFs, the book is available as an HTML file, which you can convert into a PDF.
Names and logos of various OSs are trademarks of their respective owners.