One of the simplest ways someone can access a server without authorization is by brute-forcing the root password — running an automated program to try every possible password combination (which may or may not involve using dictionary words). Thus, a few guidelines must be followed to protect your Cloud Server:

• Passwords should contain characters from at least three of the following four sets:
  • Lower case letters
  • Upper case letters
  • Numbers
  • Symbols
• Passwords should be no shorter than 9 characters, regardless of complexity.
• Passwords should not contain or be based on:
  • Your username (or any usernames on the system)
  • The name of the Cloud Server
  • Dictionary words, even in multiples

The root password must be changed immediately upon logging in for the first time. To do this, type:

passwd

You will be prompted for your new password.