Reference number: CH000300
Computer
Passwords.
Issue:Complete information and links to
information about Computer Passwords.
Additional information:Computer passwords are used to help identify and distinguish users
and their access or capabilities on a computer or computer network.
Passwords can also help restrict and prevent users from accessing
confidential data or accessing programs they should not have access to.
When creating a password, create the password using the below rules, making the password more secure.
- Do not use a password that you have used in the past.
- Try to change the password at least every 3-6 months.
- Create a password that is at least six characters long.
- Create a password with both digits and letters.
- Do not create a password with a family name or family pet.
- Do not create a password that is your phone number, house
number, apt number, etc.
- Create a password that is not in a dictionary.
- Create passwords with spaces in them (if allowed).
Top most common passwords
Some examples of some of the most
commonly used passwords are listed below. If you're using any of the
below passwords we highly recommend you change it immediately.
- no password (simply pressing enter)
- admin
- root
- password or PASSWORD
- god
- letmein
- love
- monkey
- pass
- sex
- 123, 1234, 12345, or 123456
- secret
- money
- asdf
- qwerty
- letmein or passme
As well as these common passwords as mentioned above users also
commonly use family and pets names such as charlie, thomas, or fluffy, sports
teams or sports players names, phone numbers or parts of a phone
number, and social security numbers or parts of a social security
number.
Password rules
System administrators
If you run a network of computers or are in charge of computer
security, try using the below rules to help secure your network
and computers.
- Require that passwords be changed every 3 months (90 days). Almost all
network operating systems have features that prompt users to
change password once the specified time is up.
- Set a minimum password length. Most network operating systems
support the ability to set a minimum password length.
- Setup password history, if available. If the network operating
system supports password history enable it to prevent the same
password from being used.
- Enable account lockout threshold. This option disables an
account after so many failed login attempts. Generally, 3 attempts with a
duration of 60 minutes is sufficient.
Below is a listing of good examples of passwords:
- iamthe1
- 2bornot2b
- 1PaSsWoRd1
- My1PASSword
- pa$$word
- epoh
As illustrated in the above examples, you can see passwords and
famous quotes with numbers, passwords with numbers or special
characters, or words backwards such as epoh = hope.
Solutions:
Determining the type of
password
Creating a computer password
Changing a computer
password
Clearing / Removing a computer password
Determining
the type of password
Before you will be able to change,
clear or remove a computer password, you must first determine the type
of password that is being used.
- Does the password appear as the
computer is booting? If yes, this is a BIOS / CMOS password. BIOS
or CMOS passwords will not allow the computer to be boot at all
unless the password is known.
- Does the password appear after the
computer is done booting and before the Operating System runs? If
yes, this is a network, Operating System, or third-party password.
- Windows users, does the password
appear in Windows before the desktop? If yes, this is a Windows or
Windows network password. If you are able to press the Escape key
and get to Windows, you have a standard Windows password; however,
if this does not bypass the password prompt, it is likely you have
a Windows network password.
Creating
a computer password
To create a BIOS / CMOS password.
The BIOS / CMOS password is one of the more secure methods of
password protecting a computer as the computer will not be able to
be used unless the password is known. To create a BIOS / CMOS
password, enter your computer's CMOS setup and enter a system
password.
- Additional information about entering CMOS can be
found on our CMOS page.
To create an Operating System password.
Windows 95/ 98 users:
See document CH000131. By
enabling
a standard Windows 95 / 98 password, this will allow your stand alone
computer to have different users to log onto the computer and
have different preferences. However, this is not a method of
protecting the computer as a user can simply press the escape
key to get into the computer.
Screen saver password See
document CH000790 for
additional information about setting up a Microsoft Windows
screen saver password. To create a password in a third-party program.
Several third-party programs are available to password protect
your computer. Once one of these programs has been installed, a
user should be prompted to enter and enable a password on the
computer.
Changing
a computer password
If you have not already, ensure that you
have read Determining the type of password before
following the below steps on changing a computer password.
To change a BIOS / CMOS password.
In order for a BIOS / CMOS password to be changed or cleared
you must know the password. If you have forgotten the BIOS / CMOS
password, refer to clearing / removing a computer password section. If
the password is known, to change the password requires that you
enter the CMOS setup. In the CMOS setup locate the password
section and enter, change or remove the password. If you do not
want the computer to have a password prompt, in CMOS, enter the
original password and simply press the Enter key for the new
password.
To change an Operating System / Network password.
Windows 95 / 98 Standard password:
This information applies to Windows 95 / 98 users who are not
connected to a network but have a password prompt when the
computer boots. If you are connected to a network, see
the next section Windows 95 / 98 Network
password. Click Start / Run and type command.
Once at the prompt type: cd\windows <press enter>
dir *.pwl <press enter> after dir *.pwl is typed a
listing of accounts used to log onto the computer should be
listed. Locate the pwl you wish to change and type: ren
name.pwl name.pwb <press enter>* *Replace
name
with the name of the pwl you wish to rename. Once completed,
reboot the computer; the next time the computer boots enter a new
password and then Windows will prompt you to confirm the new
password.
Windows
95 / 98 Network password:
If your computer logs onto a Computer Network and you are
running Windows 95 / 98, changing the password may vary depending
upon the type of Network. If the network is a Windows NT
network, the password can be changed if expired, if the password
has already expired, or to change the password click Start /
Settings / Control Panel and double-click Passwords. If this
option is not available or does not allow you to change the
password, you will need to contact the Network administrator for
additional help on changing the password.
Windows NT / 2000 Standard / Network password:
To change your Windows NT, 2000, or XP password press CTRL
+ ALT + DEL to open the Windows security window. In this
window there is a button to change the password. Typing in
your old password along with the new password will allow you
to change the password. If this option is not available or does not allow
you to change the password, you will need to contact the Network
administrator for additional help on changing the password.
Unix Users and Majority of Unix variants:
Once logged into Unix at the shell type: passwd <press
enter> If available, you will be prompted to enter the
Current password, prompted to enter the New password and then to
confirm the password just entered.
To change a third-party password
protection program password.
Because of the wide variety of
third-party programs capable of password protecting your computer,
it is recommended you contact the company responsible for
supporting your third-party password protection program.
Clearing
/ removing a computer password
If you have not already,
ensure that you have read Determining the type of
password before following the below steps on clearing / removing
the correct password.
Clearing / removing a BIOS / CMOS
password.
If you know the current BIOS / CMOS password and wish to remove
that password, enter the computer CMOS setup and enter a new
password. The prompt should ask you for the current password and
then to enter a new password. For the new password simply press
the enter key on the keyboard.
- Additional information about how to enter CMOS setup can be
found on document CH000192.
For information about clearing an unknown BIOS / CMOS
password refer to document CH000235.
Clearing / removing an Operating System password.
Windows 95 / 98 users who have a standard Windows 95 / 98
password refer to document CH000131. Windows
NT / 2000 users must have a password to log onto the computer.
However, users can enable automatic login by following the steps found on
document CH000296. Windows XP
users can find information on how to disable a Windows XP
password prompt by reviewing document CH000536.
Clearing / removing a
network password.
Because networks will require an identification to allow or provoke
you from access to files and programs, a network password can only
be changed and not cleared or removed.
To change a third-party password
protection program password.
Because of the wide variety of third-party programs capable of
password protecting the computer, it is recommended you contact the
manufacturer of the program used to protect the computer for
information on how to clear or remove the password. If you are
unaware of which program is being used to protect the data on the
computer it is recommended that the hard disk drive be erased and
then the operating system be reinstalled. Additional information on how to do this can be
found on document CH000186.
|
