214 Part II . Running (Web server application) the Show Choosing
214 Part II . Running the Show Choosing Strong Passwords A strong password is one that is not easily guessed. It should contain a mixture of uppercase and lowercase letters, numbers, and possibly even punctuation, yet still be something you can remember. A good way to choose a strong password is to take the first letter from each word of an easily remembered sentence. The password can be made even better by adding numbers, punctuation, and varied case. The sentence you choose should have meaning only to you, and should not be publicly available (choosing a sentence on your personal Web page is a bad idea). Table 6-4 lists examples of strong passwords and the tricks used to remember them. Table 6-4 Ideas for Good Passwords Password How to Remember It Mrci7yo! My rusty car is 7 years old! 2emBp1ib 2 elephants make BAD pets, 1 is better ItMc?Gib Is that MY coat? Give it back The passwords look like gibberish, but are actually rather easy to recall. Placing emphasis on words that stand for capital letters, for example, make them simple to remember. Use the passwd command to change your password. Type passwd in a command shell; you re prompted to enter your old password. To protect against someone shoulder surfing and learning your password, the password is not displayed as you type. If you typed your old password correctly, you are prompted to type in your new password. The passwd command checks the new password against cracklib to determine if it is a good or bad password. Non-root users are required to try a different password if the one they have chosen is not a good password. The root user is the only user who is permitted to assign bad passwords. Once the password has been accepted by cracklib, the passwd command will ask you to enter the new password a second time to make sure there are no typos (which are hard to detect when you can t see what you are typing). When running as root, it is possible to change a user s password by supplying that user s login name as a parameter to the passwd command. For example, typing # passwd joe
Searching for affordable and reliable webhost to host and run your web applications? Go to our java web server services and you will be pleased.