r4 - 21 Feb 2011 - 20:09:50 - PeterKoczan

Account Information

Disk Space Information

What If I Exceed My Disk Quota?

The AFS filesystem will not allow you to use more disk space than your disk quota allows. If you are out of disk space, you will have to compress or remove files in your account. The tar and gzip programs are used for this.

Dot File Information

What Are Dot Files?

Dot files are provided to configure your account when you log in. These files control what functions are available to you in your window manager, determine your search path and terminal type for proper program execution, change any keymappings for use with the X-windows system, and determine which programs start running when you log in. These files all reside in your home directory. They are called dot files because the names for the files all start with a period (dot). By default the ls command does not display files that start with the period character. You can use the ls -a command to display all files, including dot files.

Which Files Are My Dot Files

The following dot files are given to all accounts:

  • .Xdefaults
  • .Xkeymap
  • .Xresources
  • .bashrc
  • .bashrc.local
  • .bash_profile
  • .cshrc
  • .cshrc.local
  • .emacs
  • .exrc
  • .fvwm2rc
  • .fvwmrc
  • .login
  • .logout
  • .mailrc
  • .newsrc
  • .pinerc
  • .pinerc-nopop
  • .twmrc
  • .xemacs
  • .xemacs-options
  • .xsession

Select any of these to view the default dot files. The default dot files are in /s/lab/skel; you can copy new default files from there at any time. To refresh all your dot files, use the newdots command.

How Can I Modify My Dot Files

We suggest you make a backup copy of your dot files before you make any modifications to them. The most commonly made dot file modifications are adding command aliases and changing your search path. These modifications should be made in your .bashrc.local or .cshrc.local file in your home directory. To add a directory to your search path, add one of the following lines:

export PATH=$PATH:/some/path/bin (bash/ksh)
set path = ( $path /some/path/bin ) (tcsh/csh)

This will append /some/path/bin to your search path. To create an alias add a line like

alias claer="clear" (bash/ksh)
alias claer "clear" (tcsh/csh)

This alias is useful if you often mistype the clear command.

What If I Have Problems?

If you made a mistake and didn't save a backup, you can copy the default file from /s/lab/skel. If you can't log in because of the problem, try a fail safe login: after you enter your password, hit F1 instead of Return. If this doesn't work, you'll need to ask the CSL for assistance.

Security Concerns

Choosing A Good Password

Your password is the key to your account at the UWCS Department. Selecting a good password is the single most important thing you can do to protect the security of your account. This document will detail what traits make a password bad or good and why, and it will recommend some systems for selecting a good password.

What makes a password bad?

Some people think that all passwords are created equal, and that as long as they don't reveal their password to anybody, they are safe. Unfortunately, that is not the case. There are whole classes of passwords which are considered highly insecure, because they possess traits which people who are trying to gain unauthorized access to your account can exploit.

For example, some people want to use a word from the dictionary, or a sequence such as "123456" or "abcdef" as their password. However, several computer programs have been written to perform so-called "dictionary attacks" on systems, in which the program tries each word in a dictionary, and some other common sequences, as the password for a particular account. These programs are easy to come by, and run fairly quickly, which makes dictionary words very bad choices of passwords.

Other people want to use a name of a loved one or numbers with special significance, such as your birthday, Social Security Number, or telephone number, as a password. These are really no better than dictionary words, because an experienced hacker will know to try such combinations.

Finally, some people want to use very short strings for a password. For example, they may want to use a password that is only 3 letters long. Unfortunately, having a short password dramatically reduces the number of possible passwords. A conservative estimate gives us about 90 possible characters for each character in a password, which means that a password with 8 characters (the recommended length) could be one of 4,304,672,100,000,000 possible passwords, far too many for a hacker to exhaustively try each one. By comparison, a password with 3 characters could be one of only 729,000 passwords. An exhaustive test of each of those possibilities is well within the capabilities of modern computers.

So, there are a number of features to avoid when selecting a password:

  • dictionary words (taxicab, password, etc)
  • systematic sequences ("123456", "abcdef", etc)
  • names of loved ones, or sequences of numbers that have special meaning to you
  • short passwords

These features are bad because they all make it relatively easy for a person to guess your password.

What makes a password good?

It's much easier to say which passwords are bad than it is to say which passwords are good. In essence, a good password is any that is easy for you to remember but difficult for others to guess. Avoiding the traits listed above is a good place to start. In addition, you may want to mix upper and lower case letters, use punctuation, and use numbers in your password. Remember, you can use any printable character in your password, including upper and lower case letters, numbers, and punctuation. If you adhere to these guidelines, you will thwart most attacks.

How do I choose a good password?

It is often said that choosing a good password will be the hardest thing you do all day, and it's true. Choosing a password that is both easy to remember and difficult to guess is no small task. However, there are some popular methods of choosing passwords which are usually considered fairly good.

One such method is to use the first letter from each word in a phrase, including punctuation and capitalization, and using numbers or symbols to represent words in the phrase. For example, the phrase To be, or not to be. might become 2b,|!2b. (using the symbol | to represent or and the symbol ! to represent not, and including both the comma and the period). This password is suitably long, and it includes numbers, letters, and punctuation. Of course, now that it has been demonstrated in this document, it would not be a good choice, since anybody who reads this document would know to try it. A word of warning to those who would use this scheme: don't use a phrase that is easy to guess, such as your favorite saying or the first line of your favorite song.

Another method is to start with two or more unrelated words and then abbreviate or mangle them in some manner, such that no part will be found in the dictionary. Make sure the two words aren't easily guessable.

In addition to these methods, our site enforces some rules which prevent you from choosing passwords with the bad traits described above. Specifically, your passwords must have the following characteristics:

  • must be at least 8 characters long
  • must contain at least 1 character from each of at least 3 different character classes. The character classes are:
    • lowercase letters
    • uppercase letters
    • numbers
    • punctuation (printable characters other than letters or numbers)
    • all other characters (control characters)
  • must not appear to be systematic ("abcdef" will be rejected)
  • must not be based on anything in your password file entry (name, login name, user id, etc).
  • must not be based on a dictionary word, or a reversed dictionary word. A complete word as a substring will cause your password to be rejected.
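The rules above can be expressed as a small checker. This is an added example, not the CSL's own password program: the word list and account fields are constructed samples, and the thresholds MIN_TOKEN and MAX_RUN are assumptions, since the page does not say how "systematic" or "based on" are measured.

```python
# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"taxicab", "password", "clear", "window", "secret"}
MIN_TOKEN = 3  # assumption: ignore words and account fields shorter than this
MAX_RUN = 4    # assumption: a run this long counts as "systematic"

def char_classes(pw):
    """Return which of the five character classes listed above occur in pw."""
    found = set()
    for ch in pw:
        if ch.islower():
            found.add("lower")
        elif ch.isupper():
            found.add("upper")
        elif ch.isdigit():
            found.add("digit")
        elif ch.isprintable() and not ch.isalnum():
            found.add("punct")
        else:
            found.add("other")  # control characters and anything unclassified
    return found

def longest_run(pw):
    """Longest stretch whose code points step by a constant -1, 0 or +1."""
    best, run, prev = 1, 1, None
    for a, b in zip(pw, pw[1:]):
        step = ord(b) - ord(a)
        if step not in (-1, 0, 1):
            run = 1
        else:
            run = run + 1 if step == prev else 2
        prev = step
        best = max(best, run)
    return best

def check_password(pw, account_fields, words=SAMPLE_WORDS):
    """Return the list of rules pw violates; an empty list means it passes."""
    low = pw.lower()
    forms = (low, low[::-1])  # test the password and its reversal
    def hit(tokens):
        return any(len(t) >= MIN_TOKEN and t.lower() in f for t in tokens for f in forms)
    checks = [
        (len(pw) < 8, "shorter than 8 characters"),
        (len(char_classes(pw)) < 3, "fewer than 3 character classes"),
        (longest_run(pw) >= MAX_RUN, "looks systematic"),
        (hit(account_fields), "based on password file entry"),
        (hit(words), "contains a dictionary word"),
    ]
    return [msg for failed, msg in checks if failed]
```

Call check_password with the candidate password and the fields of the user's password file entry (login name, real name parts, user id); each returned string names one rule from the list above.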

Protecting Your Password

Remember, your password is a secret which only you should know. If anybody else learns your password, your security has been compromised. Here are some tips for protecting your password:

  • Never tell your password to anyone
  • Do not write down your password
  • Never put your password in electronic mail to anyone (including system administrators, or those who claim to be system administrators). If you ever get mail from anyone asking for your password, please send mail to lab immediately. Do NOT include your password.
  • Do not include your password in shell scripts or programs stored on the system
  • Change your password frequently, but choose a password that is easy for you to remember, so you don't have to write it down.
  • Do not type your password on any system that will put your password over a potentially insecure network in clear text. This includes telnet, rlogin and ftp from any network outside the CS department. The WiscWorld dialup pool is probably reasonably safe. If you can, you should use ssh or Kerberos telnet when using the WiscWorld dialup pool.
  • If you must use an insecure network (for example, at a conference), you can use ssh (the Secure Shell) to safely log in.
  • The Computer Systems Lab is investigating several more secure remote access solutions. A one-time password system would solve the password-stealing problem when using insecure networks (but not protect your session from someone eavesdropping on it). Another alternative is to use Kerberos telnet programs or ssh (the Secure Shell).

Protecting Your Files

If You Think Your Account Has Been Broken Into

If you think that someone has broken into your account, please contact the Computer Systems Lab immediately. The best way to do this is to send electronic mail to lab@cs.wisc.edu. If possible, do this from another account (such as the WiscWorld mail system, or have a friend send the mail for you). If you do not have secure access to email, call the lab at 608-262-2389.

If you think the break-in occurred because someone learned your password, use another computer to change your password.

If you think someone is using your account to break in to other accounts or other computers, please contact the lab immediately.
