1. You are here:
  2. DSV
  3. Education
  4. Computer facilities
  5. Rules
  6. A good password

Passwords

The password you initially get from DSV is of good quality. If you decide to change the password then the new one must also be of good quality. When changing the Windows or Kerberos password, the following rules are mandatory:

  • The password must be at least 8 characters long
  • The password must contain characters from at least three of the following four classes:
    1. Lowercase letters a-z
    2. Capital letters A-Z
    3. Numerals 0-9
    4. Non-alphanumeric characters such as + - ? = ) ( / & % $ £ # @ ! : ; . , _  etc
  • The password must not contain your user name or obvious patterns such as 1234, qwerty, etc
  • An old password can not be reused

Additional tips for picking a good password

  • Pick a password of at least eight characters, preferably more. Short passwords can be hacked by letting a computer try all possible combinations.
  • Include special characters such as numbers, punctuation marks, percentage sign, etc.
  • Use a mixture of upper case and lower case characters.
  • Do not pick your own user name, first name, birth date,  telephone number, car number, names of relatives, friends or places
  • Do not pick words that appear in dictionaries or word lists in any language. Password cracking programs have access to dictionaries in different languages, as well as lists of popular passwords.
  • Do not pick obvious patterns such as zzzzzz, qwerty, 123456, abcdef, etc.
  • Do not use repeated words, such as carcar, or words spelled backwards.
  • It is not enough to just add a number to a common word, e.g. bic3ycle.
  • Do not reuse an old password.
  • Never give your password to anyone else.
  • Do not use the same password on DSV systems and systems outside DSV
  • Avoid using the eight bit characters, åäöÅÄÖ, as they can cause problems in the system.
  • It is better to pick a strong password and write it down somewhere than to pick a weak password. Make sure you keep the note in a safe place.

Changing Passwords

Change the given password to one of your own choice. Preferably use different passwords in each system.

  • Kerberos:  Use this web page or run the command "kpasswd" in a terminal window on a DSV Linux computer
  • MS Windows: Press Control-Alt-Delete
  • FirstClass: Click on the menu "Collaborate" in the FirstClass client and choose "Change Password..."

Phishing

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Sometimes you may receive an e-mail which requires you to send in your user-id and password. Note that DSV never asks for passwords by e-mail or phone. The e-mail sender can be faked so don't rely on it that the e-mail is from DSV staff. The purpose of getting the user-id and password is to use the owners e-mail account to send out spam. An example of a phishing e-mail is:

Dear dsv.su.se Subcriber,

This message is from dsv.su.se messaging center to all users of this
Domain.

We are currently upgrading our data base and e-mail account center.
We are deleting all unused email account to create more space for new
accounts.To prevent your account from closing you will have to update it
below so that we will know that it's at present a used account.

CONFIRM YOUR EMAIL IDENTITY BELOW Email
Username : ...............
Email Password : ................
Date of Birth:.......................
Country or Territory : ..........

Warning!!!
Account owners that refuses to update his or her account within Seven days
of receiving this warning will lose his or her account permanently. Thank you

Warning Code:VX2G99AAJ
Last updated: July 21, 2009
Page editor: Sven Olofsson
In cooperation with KTH.