editor
698
edits
Passwords: Difference between revisions
m
clean up, typos fixed: eg: → e.g.:
m (clean up, typos fixed: eg: → e.g.:) |
|||
|
__NOTOC__<indicator name="Configuring">[[File:menu-configure.svg|link=:Category:Configuring|30px|Back up to the Configuring Category]]</indicator>
This page describes the various account logins and '''passwords''' that apply to our various systems. Different systems have different levels of password security depending on the requirements.
When changing passwords always be sure to use a secure password! Most of our systems have a 'Generate Password' button which you can use if you wish. The [[Information Pack]] contains some of your account details.
As with the accounts password, the associated email is crucial and someone with access to the email could use a password change request to change the password and access the control pages. This then gives access to all of the other control pages passwords.
===Notes
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot set a password for you, you have to use the password change process (described below).
The line password is related to a broadband line, or data SIM or L2TP Internet access. It is considered very low priority as such systems are rarely used as an attack. When using broadband lines or data SIMs, we normally see a verified circuit ID and as such we will allow a correct login with an incorrect passwords if the circuit matches. The password is also included in the information pack and printed on router information cards to make it easy to configure network equipment - which is especially important when you have no Internet connection.
The username used for a line is in the form of xx@a.n where n is the line number, typically 1 where there is just a single line.
===Notes
*The password can be viewed on the control pages.
*The password is printed and included on information packs and router information cards.
VoIP passwords are considered to be slightly higher security because they can be used with equipment to make chargeable calls. However, the main attack for VoIP passwords is to compromise terminal equipment and either use it directly or access the password and login details it is using. Unfortunately the underling protocol prohibits hashing this password internally. However it is usual for only one device to be configed with each VoIP login, and so reasonable that the password is settable but not visible. We also have in place a number of precautions and warning systems to track if VoIP passwords have been compromised.
===Notes
*The password can be viewed on the control pages, but it is not hashed in our internal systems.
*The password can be set as you wish, but a generate password button is provided for convenience.
The username is the full domain, e.g. www.example.com
===Notes
*At present, passwords are part of our DNS control pages and so can be viewed and changed and are not hashed.
*We are working on ways to hash this password, but as some users make use of rsync for web pages, this is providing more complex. We may provide means to have separate ftp (hashed) and rsync (non hashed) passwords in due course.
The router WiFi password is considered relatively low priority. It is possible for someone to attempt to hack your WiFi, so we do suggest a good password, and the system will try to generate a reasonably memorable password with additional digits to provide extra entropy.
===Notes
*The password can be viewed on the control pages.
*The password is printed and included on information packs and router information cards.
| |||