Passwords: Difference between revisions

Back up to the Configuring Category
From AAISP Support Site
mNo edit summary
mNo edit summary
Line 27: Line 27:
*Review the instruction on that page, and then click the 'Set Password' once you're happy with the new password
*Review the instruction on that page, and then click the 'Set Password' once you're happy with the new password
*Log on to the Control Pages with your new password
*Log on to the Control Pages with your new password



|}
|}


{| role="presentation" class="wikitable mw-collapsible mw-collapsed"
{| role="presentation" class="wikitable mw-collapsible mw-collapsed"
|'''Accounts System Password'''
|'''Accounts System Password'''
Line 63: Line 60:


|}
|}
|}

<div class="toccolours mw-collapsible mw-collapsed" data-expandtext="Click to show the details">
{| role="presentation" class="wikitable mw-collapsible mw-collapsed"
|'''DSL Line Password'''

|-
==Line password==
|
<div class="mw-collapsible-content">

The line password is related to a broadband line, or data SIM or L2TP Internet access. It is considered very low priority as such systems are rarely used as an attack. When using broadband lines or data SIMs, we normally see a verified circuit ID and as such we will allow a correct login with an incorrect passwords if the circuit matches. The password is also included in the information pack and printed on router information cards to make it easy to configure network equipment - which is especially important when you have no Internet connection.
The line password is related to a broadband line, or data SIM or L2TP Internet access. It is considered very low priority as such systems are rarely used as an attack. When using broadband lines or data SIMs, we normally see a verified circuit ID and as such we will allow a correct login with an incorrect passwords if the circuit matches. The password is also included in the information pack and printed on router information cards to make it easy to configure network equipment - which is especially important when you have no Internet connection.


Line 84: Line 80:
#Click OK
#Click OK
#Change the password on your router/equipment to use the new one
#Change the password on your router/equipment to use the new one

</div></div>
|}

<div class="toccolours mw-collapsible mw-collapsed" data-expandtext="Click to show the details">
<div class="toccolours mw-collapsible mw-collapsed" data-expandtext="Click to show the details">



Revision as of 15:25, 29 Ocak 2018

This page describes the various account logins and passwords that apply to our various systems. Different systems have different levels of password security depending on the requirements.

When changing passwords always be sure to use a secure password! Most of our systems have a 'Generate Password' button which you can use if you wish. The Information Pack contains some of your account details.

|}

Email Passwords

About

The username for email is your full email address.

Whilst the email password, used for POP3, IMAP, and authenticated SMTP, may seem relatively low importance, it is not. Email systems are the underpinning of most security as explained above. Unauthorised access to email can allow people to change and access a range or other system's passwords. As such the email passwords have some security.

Notes

  • Staff cannot see the password you have picked, it is hashed internally.
  • Staff can set a different password for you, although we'd suggest that customers set this themselves.
  • When a Mailbox is deleted passwords hashes are removed within 24 hours.

Changing Password

You can set an email password on the control pages, but we recommend using the generate password link to pick one randomly when you do this, for added security.

You can record a reminder for the password if you wish. You should consider security and try to ensure this is not too obvious!

  1. Log in to the Control Pages with your current email address and password, then click on the Change Password link.
  2. Log in to the Control Pages with your main xxx@a login - this will give you access to all your AAISP services, and you'll have access to change Mailbox passwords too.

More on information on the Change Email Password page.

SIP/VoIP Passwords

About

In order to register a VoIP phone against our servers you'll need a password.

VoIP passwords are considered to be slightly higher security because they can be used with equipment to make chargeable calls. However, the main attack for VoIP passwords is to compromise terminal equipment and either use it directly or access the password and login details it is using. Unfortunately the underling protocol prohibits hashing this password internally. However it is usual for only one device to be configed with each VoIP login, and so reasonable that the password is settable but not visible. We also have in place a number of precautions and warning systems to track if VoIP passwords have been compromised.

Notes

  • The password can be viewed on the control pages, but it is not hashed in our internal systems.
  • The password can be set as you wish, but a generate password button is provided for convenience.

Changing Password

Log in to the Control Pages with your main xxx@a login, you'll see the list of numbers, click on the one in question, click on the Incoming tab, and set the password there.

Read more about VoIP Security

Web Page Hosting

About

If we host your web pages, then you use FTP to transfer files to our servers. Web pages are not often targeted on our systems but can be a target for attack to display political or other messages. As such we consider this to be a slightly higher security.

The username is the full domain, e.g. www.example.com

Notes

  • Passwords are part of our DNS control pages
  • Staff cannot see the password you have picked, it is hashed internally.
  • Staff can set a different password for you, although we'd strongly suggest that customers set this themselves.

Changing Password

Log in to the Control Pages with your main xxx@a login, click on the Domain in question, and edit the 'DNS Record' called Password.

Supplied Router WiFi Password

About

If you have a router supplied by AAISP then the WiFi password will be printed on the card on the base of the router and can also be found in the Information Pack.

The router WiFi password is considered relatively low priority. It is possible for someone to attempt to hack your WiFi, so we do suggest a good password, and the system will try to generate a reasonably memorable password with additional digits to provide extra entropy.

Notes

  • The password can be viewed on the control pages.
  • The password is printed and included on information packs and router information cards.
  • The password can be set as you wish, but a generate password button is provided for convenience.

Changing Password

There are 2 ways of changing the password:

  1. Log in the router and change the password
  2. Log in the Control Pages with your main xxx@a, click on the Line in question, click the Router Settings page, change the WiFi password and then click 'Send Configuration' - This will overwrite any changes you may have made since the router was originally configured by AAISP.

More information on the Router Settings Page

Supplied Router Admin Password

About

The router admin password is considered relatively low priority. It is rare for any directed router attack using a password. The password is included in the information pack and printed on router information cards to make it easy to access the router even when no Internet connection.

Notes

  • The password can be viewed on the control pages.
  • The password is printed and included on information packs and router information cards.
  • The password can be set as you wish, but a generate password button is provided for convenience.