To change the RBG/IPS-password you should use the command passwd in the command line. The command requires the entering so nobody can change the password of another user if the other user is e.g. at the printer or something like that.

After that you can set a new password and confirm the password. Please enter the password twice to make sure that you really remember the password! If the password is not allowed by the policies (at least nine characters and not in the alphabet etc.), the password will not be accepted.

The system will give you an explanation in English how the new password can look like or gives you a suggestion.

The minimum requirement is a nine character long password explained in the policies.

• After the login on the pool computer or via SSH

testds@clientssh1:~$ passwd
(current) LDAP Password:

You can now choose the new password or passphrase.

A good password should be a mix of upper and lower case letters,
digits, and other characters.  You can use a 9 character long
password.

A passphrase should be of at least 3 words, 9 to 40 characters
long, and contain enough different characters.

Alternatively, if no one else can see your terminal now, you can
pick this as your password: "Quake7Focal=Sahara".

Enter new password:
Re-type new password:
passwd: password successfully changed

If you don't know your password anymore there are two possibilities to get a new password:

• in the Service-Center in the room S2|02 - C119 you can ask for a new password
• if you use the webinterface you can reset the password with your TU-ID. You will recieve a mail at you Stud adress. The link is valid for 6 hours.

If you have no browser by hand you can use the terminal in the poolroom C005 or any other poolroom computer. To do so you can use the following login data:

• Benutzername: firstrbg
• Passwort: firstrbg1

This account only works on a local computer and not with the Clientssh!

After the login you will find a desktop-icon to reset your password, like on the picture:

In detail:

• HRZ password: to get a new HRZ password
• manage the RBG/ISP Account: if you need a RBG/ISP account but don't have one or you want to force a password reset
• RBG/ISP webmail: to look up your RBG/ISP webmail
• Logout: logout of the system

Accourding to the user agreement a password is to chose in a certain way: the password should not be guessable by a program or another user. There are a lot of different (more or less known) policies, e.g. this link (in German)

• The six most important tips for a secure password

There is no absolut Security with passwords. You can not be sure that somebody is able to guess your password or can get it with brute force. But to get some kind of security this is not so hard - and you don't have to use some kind of “secure” generator that are available in Linux.

It's essential that any knowledge about the person and his environment (friends, addresses, birthdays, …) as well as the use of any dictionaries with spelling variants and interspersed special characters is not sufficient to crack the password. SO: use a wild combination of characters (letters, numbers, special characters) which might not make so much sense and this fact might lead to more security.

• In summary, the following policies can be used as a guide:
  • The length must be at least nine characters and can be in the maximum 19 characters long
  • You must not use names or well known words from a dictionary - not even in a foreign language
  • The password must not have any reference to the user (birthday, name of boy-/girlfriend…)
  • The password should be a mis of different characters (different capitalized), special characters and numbers
  • Do not write the password down. (Kerckhoffs principle)
  • The structure of the password shouldn't be guessable. That includes sequences like “QWERTZUI”.