Penn State Home

                                        

   

 

Policies & Guidelines

SOS Services

Spam Information

Incident Reporting

Security Guides

Setting Passwords

SOS Staff

FAQ

ITS Site Search:



ITS sponsors an annual security awareness campaign

 

 

Passwords

Visit the NEW official Penn State ITS password policy page!

Change your Penn State Access Account password

Occasionally, intruders attempt to gain access to shared computer systems through the accounts of others. Their motives vary from curiosity to criminal malice. It is part of your responsibility as a computer user to create a strong password for both your Penn State Access Account and all operating system accounts on your computer(s).   A Penn State Access Account userID and password enables Penn State students, faculty, and staff to use a range of Internet services on or off campus, at computer labs or on personal computers.  Below is an illustrated guide to creating "good" passwords and how to set passwords for your operating system.  Remember that it is your privacy, your reputation, your files, and your computing resources that are all at risk.

Best Practices for Creating a Password

Use strong passwords to protect your computing resources. See password best practices for tips on how to create a strong password and avoid a weak password. A list of allowed and disallowed special characters for ITS Access Account passwords can be found on the site.

▲return to the top

 

How to form and remember good passwords (passphrases):

One of the easiest to remember and hardest to crack password methods is the pseudo-random password. The actual password is generated from an easy to remember pass-phrase that is important to the user. This phrase can be the words from a book that you particularly like, words from a song that you always remember with ease, a statement that some powerful figure made that you will NEVER forget. The key to a successful password is to create a phrase that is easy for you to remember, but no one else will ever think about attributing it to you.

Good Passphrases:

pass phrase: My Brother's Birthday Is april(4) Twenty Second Nineteen Sixty three(3)

password : mbbi4t$ns6

pass phrase: "Four score and seven years ago our fathers brought…"

password : 4scanse... (arrived at by choosing the 1st 2 letters from each word until a total of eight characters resulted).

pass phrase: "It was a dark and stormy night...".

password : iWadasn...

 

▲return to the top

 

Bad Passphrases:

Person’s Name     password "robert5"

License Plate    password  "PSU-FAN"

Number Place    password   "Nittany1"

Easy to Guess   password "*****", "password"

When picking passwords, avoid the following:

▲return to the top

 

Setting an Administrator & User Passwords

All accounts on your system should be password-protected. Remember to follow "good password/passphrase" conventions. DO NOT USE A BLANK ADMINISTRATIVE PASSWORD UNDER ANY CIRCUMSTANCES. Also, do not use the same Penn State ID and/or password as your machine name and password.

Note that by default, the Administrator account does not appear as an account under User Accounts. To do so,

▲return to the top

 

DETAILED INSTRUCTIONS

Mac OS X  http://helpdesk.psu.edu/mac/os10/osxadminpswd.html
Windows XP  http://helpdesk.psu.edu/windows/xp/xpadminpswd.html
Windows 2000  http://helpdesk.psu.edu/windows/2000/adminpswd.html
Windows ME  http://helpdesk.psu.edu/windows/me/meadminpswd.html
Windows 98 http://helpdesk.psu.edu/windows/98/98adminpswd.html
Unix/Linux http://helpdesk.psu.edu/linux/linuxsecuser.html
Access Account http://css.its.psu.edu/internet/password.html

 

Windows XP Users

Windows 2000 Users

Windows XP: Setting Passwords for All Users

  • Set passwords for all users in Windows 2000

  1. Open the User Accounts window.
    (Click Start >> Run. Type control userpasswords2 in the box.).

Password 1

 

  1. Select the Administrator username, and click on the Reset Password button. You will be prompted with a dialogue box to set a new password. Set the other users' passwords in the next section.

  2. Be sure to check the box next to Users must enter a user name and password to use this computer is checked.

Password 2

 

Windows XP: Setting Passwords for All Users (Before doing so you must be logged onto the machine as the Administrator)

  1. Open the Control Panel.
    (Click Start >> Run. Type control panel in the box.)

Password 3

 

  1. Open User Accounts.

  2. Select the user account for which you would like to set a password.

Password 4

 

  1. Click on Change My Password (or Set My Password if no password is currently assigned).

  2. You will then be prompted to enter a new password.

  3. Click Change, then No to make Private

**Repeat steps 3, 4, 5, and 6 for each user account.

Password 5

Windows 2000: Setting Passwords for All Users

  1. Right-click on My Computer and select Manage.

Password 6

 

  1. In the Computer Management Window expand Local Users and Groups by clicking on the + sign next to it.

  2. Click on the Users folder to see a list of users on the right side. A red x indicates an account is not active and needs no password to be set.

Password 7

 

  1. Right-click on the first user and select Set Password.

Password 8

 

  1. You will then be prompted to enter a new password. Click OK to finish.

Password 9

 

▲return to the top

 

Locking your computer

When you leave your computer, even for a few minutes, you should lock it, using either the built-in locking capability of your operating system, or a password-protected screen saver. For instructions on locking your computer, select one of the following links;

Locking a Windows NT, 2000, and XP workstation without logging off

Locking a MAC workstation without logging off

 

▲return to the top

 

 
   
About the units of
ITS Logo
 

 

 The Pennsylvania State University © 2007. All rights reserved.
Alternative Media - Nondiscrimination Statement
This site maintained by Security Operations and Services,
a unit of Information Technology Services.

For assistance, contact Security Operations and Services.
Provide site feedback to the Security Webmaster.

Last revised: 01/31/2007