Passwords: Difference between revisions

Back up to the Configuring Category
From AAISP Support Site
mNo edit summary
(clean up)
(2 intermediate revisions by one other user not shown)
Line 10: Line 10:
|-
|-
|
|
===About===
==About==
The DSL login is used to access the Control Pages as well as what you use in your DSL router to log in to the Internet. This uses the xxx@a or xxx@a.1 style username.
The DSL login is used to access the Control Pages as well as what you use in your DSL router to log in to the Internet. This uses the xxx@a or xxx@a.1 style username.


Line 17: Line 17:
As with the accounts password, the associated email is crucial and someone with access to the email could use a password change request to change the password and access the control pages. This then gives access to all of the other control pages passwords.
As with the accounts password, the associated email is crucial and someone with access to the email could use a password change request to change the password and access the control pages. This then gives access to all of the other control pages passwords.


===Notes===
==Notes==
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot set a password for you, you have to use the password change process (described below).
*Staff cannot set a password for you, you have to use the password change process (described below).
*Staff are able to invalidate your password if you request, and you should advise staff if you think the password is compromised.
*Staff are able to invalidate your password if you request, and you should advise staff if you think the password is compromised.


===Changing Password===
==Changing Password==
A new password can be requested via: [https://control.aa.net.uk/newpass.cgi https://control.aa.net.uk/newpass.cgi]
A new password can be requested via: [https://control.aa.net.uk/newpass.cgi https://control.aa.net.uk/newpass.cgi]
*Enter in your email and login (Staff can send you a reset email manually if you ask them)
*Enter in your email and login (Staff can send you a reset email manually if you ask them)
Line 29: Line 29:
*Review the instruction on that page, and then click the 'Set Password' once you're happy with the new password
*Review the instruction on that page, and then click the 'Set Password' once you're happy with the new password
*Log on to the Control Pages with your new password
*Log on to the Control Pages with your new password

==Two factor authentication==
2FA is available, see https://www.aaisp.net.uk/kb-broadband-2fa.html


|}
|}
Line 35: Line 38:
|-
|-
|
|
===About===
==About==
The accounts system login and password are used to allow access to the accounts, statements, and invoices. This is a very important password as we trust that any orders placed with the correct account number and password are genuinely from you or your organisation, and more importantly, from someone that is authorised to spend money with us. This password can be used to order services as well as changing or ceasing existing services.
The accounts system login and password are used to allow access to the accounts, statements, and invoices. This is a very important password as we trust that any orders placed with the correct account number and password are genuinely from you or your organisation, and more importantly, from someone that is authorised to spend money with us. This password can be used to order services as well as changing or ceasing existing services.


Line 44: Line 47:
The username is your Account Reference - typically AnnnnA, where nnnn are numbers.
The username is your Account Reference - typically AnnnnA, where nnnn are numbers.


===Notes===
==Notes==
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot set a password for you, you have to use the password change process (described below).
*Staff cannot set a password for you, you have to use the password change process (described below).
*Staff are able to invalidate your password if you request, and you should advise staff if you think the password is compromised.
*Staff are able to invalidate your password if you request, and you should advise staff if you think the password is compromised.


===Changing Password===
==Changing Password==
The password change process is used to set a password, and can be used if you have forgotten your password or simply want to change it. You can use the forgotten password link to request the password change email, or you can ask a member of staff to send it to you.
The password change process is used to set a password, and can be used if you have forgotten your password or simply want to change it. You can use the forgotten password link to request the password change email, or you can ask a member of staff to send it to you.


Line 60: Line 63:
#*We strongly recommend using the passwords we suggest as they are random and avoid any association with you or the account. You can, if you wish, enter your own password. If you want to do this, please ask staff and they will show you how. However, entering a password can lead to poor passwords, and password re-use which are not a good idea.
#*We strongly recommend using the passwords we suggest as they are random and avoid any association with you or the account. You can, if you wish, enter your own password. If you want to do this, please ask staff and they will show you how. However, entering a password can lead to poor passwords, and password re-use which are not a good idea.
#You will then get a second email confirming that the password has been changed. (The password is not included in the email)
#You will then get a second email confirming that the password has been changed. (The password is not included in the email)

==Two factor authentication==
2FA is available, see https://www.aaisp.net.uk/kb-broadband-2fa.html


|}
|}
Line 70: Line 76:
The username used for a line is in the form of xx@a.n where n is the line number, typically 1 where there is just a single line. e.g.: abc@a.1
The username used for a line is in the form of xx@a.n where n is the line number, typically 1 where there is just a single line. e.g.: abc@a.1


===Notes===
==Notes==
*The password can be viewed on the control pages.
*The password can be viewed on the control pages.
*The password is printed and included on information packs and router information cards.
*The password is printed and included on information packs and router information cards.
*The password can be set as you wish, but a generate password button is provided for convenience.
*The password can be set as you wish, but a generate password button is provided for convenience.


===Changing Password===
==Changing Password==
#Log in to the control pages with your Control Page credentials
#Log in to the control pages with your Control Page credentials
#Click on the line you want to change the password of
#Click on the line you want to change the password of
Line 87: Line 93:
|-
|-
|
|
===About===
==About==
The username for email is your full email address.
The username for email is your full email address.


Whilst the email password, used for POP3, IMAP, and authenticated SMTP, may seem relatively low importance, it is not. Email systems are the underpinning of most security as explained above. Unauthorised access to email can allow people to change and access a range or other system's passwords. As such the email passwords have some security.
Whilst the email password, used for POP3, IMAP, and authenticated SMTP, may seem relatively low importance, it is not. Email systems are the underpinning of most security as explained above. Unauthorised access to email can allow people to change and access a range or other system's passwords. As such the email passwords have some security.


===Notes===
==Notes==
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot see the password you have picked, it is hashed internally.
*Staff can set a different password for you, although we'd suggest that customers set this themselves.
*Staff can set a different password for you, although we'd suggest that customers set this themselves.
*When a Mailbox is deleted passwords hashes are removed within 24 hours.
*When a Mailbox is deleted passwords hashes are removed within 24 hours.


===Changing Password===
==Changing Password==
You can set an email password on the control pages, but we recommend using the generate password link to pick one randomly when you do this, for added security.
You can set an email password on the control pages, but we recommend using the generate password link to pick one randomly when you do this, for added security.


Line 112: Line 118:
|-
|-
|
|
===About===
==About==
In order to register a VoIP phone against our servers you'll need a password.
In order to register a VoIP phone against our servers you'll need a password.


VoIP passwords are considered to be slightly higher security because they can be used with equipment to make chargeable calls. However, the main attack for VoIP passwords is to compromise terminal equipment and either use it directly or access the password and login details it is using. Unfortunately the underling protocol prohibits hashing this password internally. However it is usual for only one device to be configed with each VoIP login, and so reasonable that the password is settable but not visible. We also have in place a number of precautions and warning systems to track if VoIP passwords have been compromised.
VoIP passwords are considered to be slightly higher security because they can be used with equipment to make chargeable calls. However, the main attack for VoIP passwords is to compromise terminal equipment and either use it directly or access the password and login details it is using. Unfortunately the underling protocol prohibits hashing this password internally. However it is usual for only one device to be configed with each VoIP login, and so reasonable that the password is settable but not visible. We also have in place a number of precautions and warning systems to track if VoIP passwords have been compromised.


===Notes===
==Notes==
*The password can be viewed on the control pages, but it is not hashed in our internal systems.
*The password can be viewed on the control pages, but it is not hashed in our internal systems.
*The password can be set as you wish, but a generate password button is provided for convenience.
*The password can be set as you wish, but a generate password button is provided for convenience.


===Changing Password===
==Changing Password==
Log in to the [http://aa.net.uk/login-clueless.html Control Pages] with your main xxx@a login, you'll see the list of numbers, click on the one in question, click on the Incoming tab, and set the password there.
Log in to the [http://aa.net.uk/login-clueless.html Control Pages] with your main xxx@a login, you'll see the list of numbers, click on the one in question, click on the Incoming tab, and set the password there.


Line 131: Line 137:
|-
|-
|
|
===About===
==About==
If we host your web pages, then you use FTP to transfer files to our servers. Web pages are not often targeted on our systems but can be a target for attack to display political or other messages. As such we consider this to be a slightly higher security.
If we host your web pages, then you use FTP to transfer files to our servers. Web pages are not often targeted on our systems but can be a target for attack to display political or other messages. As such we consider this to be a slightly higher security.


The username is the full domain, e.g. www.example.com
The username is the full domain, e.g. www.example.com


===Notes===
==Notes==
*Passwords are part of our DNS control pages
*Passwords are part of our DNS control pages
*Staff cannot see the password you have picked, it is hashed internally.
*Staff cannot see the password you have picked, it is hashed internally.
*Staff can set a different password for you, although we'd strongly suggest that customers set this themselves.
*Staff can set a different password for you, although we'd strongly suggest that customers set this themselves.


===Changing Password===
==Changing Password==
Log in to the [http://aa.net.uk/login-clueless.html Control Pages] with your main xxx@a login, click on the Domain in question, and edit the 'DNS Record' called Password.
Log in to the [http://aa.net.uk/login-clueless.html Control Pages] with your main xxx@a login, click on the Domain in question, and edit the 'DNS Record' called Password.


Line 149: Line 155:
|-
|-
|
|
===About===
==About==
If you have a router supplied by AAISP then the WiFi password will be printed on the card on the base of the router and can also be found in the [[Information Pack]].
If you have a router supplied by AAISP then the WiFi password will be printed on the card on the base of the router and can also be found in the [[Information Pack]].


The router WiFi password is considered relatively low priority. It is possible for someone to attempt to hack your WiFi, so we do suggest a good password, and the system will try to generate a reasonably memorable password with additional digits to provide extra entropy.
The router WiFi password is considered relatively low priority. It is possible for someone to attempt to hack your WiFi, so we do suggest a good password, and the system will try to generate a reasonably memorable password with additional digits to provide extra entropy.


===Notes===
==Notes==
*The password can be viewed on the control pages.
*The password can be viewed on the control pages.
*The password is printed and included on information packs and router information cards.
*The password is printed and included on information packs and router information cards.
*The password can be set as you wish, but a generate password button is provided for convenience.
*The password can be set as you wish, but a generate password button is provided for convenience.


===Changing Password===
==Changing Password==
There are 2 ways of changing the password:
There are 2 ways of changing the password:
#Log in the router and change the password
#Log in the router and change the password
Line 170: Line 176:
|-
|-
|
|
===About===
==About==
The router admin password is considered relatively low priority. It is rare for any directed router attack using a password. The password is included in the information pack and printed on router information cards to make it easy to access the router even when no Internet connection.
The router admin password is considered relatively low priority. It is rare for any directed router attack using a password. The password is included in the information pack and printed on router information cards to make it easy to access the router even when no Internet connection.


===Notes===
==Notes==
*The password can be viewed on the control pages.
*The password can be viewed on the control pages.
*The password is printed and included on information packs and router information cards.
*The password is printed and included on information packs and router information cards.

Revision as of 00:05, 18 August 2018

This page describes the various account logins and passwords that apply to our various systems. Different systems have different levels of password security depending on the requirements.

When changing passwords always be sure to use a secure password! Most of our systems have a 'Generate Password' button which you can use if you wish. The Information Pack contains some of your account details.

Click the 'Expand' link to view the details.