Password Security


One of the simplest ways someone can access a server without authorization is by brute-forcing the root password - running an automated program to try every possible password combination (which may or may not involve using dictionary words). Thus, a few guidelines must be followed to protect your Cloud Server:

  • Passwords should contain characters from at least three of the following four sets:
    • Lower case letters
    • Upper case letters
    • Numbers
    • Symbols
  • Passwords should be no shorter than 9 characters, regardless of complexity.
  • Passwords should not contain or be based on:
    • Your username (or any usernames on the system)
    • The name of the Cloud Server
    • Dictionary words, even in multiples

The root password must be changed immediately upon logging in for the first time. To do this, type:

passwd

You will be prompted for your new password.



Was this content helpful?




© 2014 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License


See license specifics and DISCLAIMER