Q: I tried to change my password using the passwd command or Preferences, but it didn't seem to take effect. Why not?\
\
Q: How do I remove my password? \
\
A: Use the Preferences application to change your passwd. If you are on a network composed of NeXT and non-NeXT machines you might also need to update the NIS (formerly known as Yellow Pages) database by running the yppasswd command. If your account information is stored in NIS, run the following command in a Terminal or Shell:\
\
\f0\fs24 machine>yppasswd your-login-name
\f1\fs28 \
\
as in:
\f0\fs24 yppasswd jsmith
\f1\fs28 .\
\
If your account is stored in NetInfo—which is the default on a NeXT machine—do the following to remove your password:\
\
• Launch NetInfoManager.\
• Open the domain where your account is stored; this is probably the root (/) domain if you\
are on a Network. If you are on a standalone machine, the right (local) domain will come\
up by default.\
• Click the users directory , then double-click your account name. This will bring up the\
property editor.\
• Click the passwd property, then remove its value and save the changes\
\
Removing a password that is stored in NIS is slightly more difficult. On the yp-master server do the following as root:\
\
• Edit the /etc/passwd file and remove the passwd field from your account.\
• Then run the following commands in a Shell or Terminal:\
\f0\fs24 \
ypmaster#cd /etc/yp\
ypmaster#make passwd\
\f1\fs28 \
\b Warning:
\b0 \
\
Removing a password from an account is a serious security risk! Make sure that all the accounts have a password. Change the passwords once a month.\
\
What makes a good password? One that's:\
\
• easy to remember\
• hard to guess\
• uses upper and lower case letters, number, and punctuation\
• is not found in the dictionary\
• is not a proper name\
\
The UNIX password security mechanism really depends on two things: \
\
• the fact that it's hard to decrypt the encrypted passwords\
• users' choosing passwords that are hard to guess (so that brute-force attacks are intractable)\
