All accounts have two different passwords associated with them: Brown Account and CS LDAP. Their usage is explained in the table below. In general, services which grant full filesystem access require your Brown password. Other services use LDAP. You should pick different, secure passwords for each.
|What is it used for?||
|How do you change it?|
|Forgot your password?||https://myaccount.brown.edu/||Mail problem|
Brown Account Passwords
Computing and Information Services (CIS) provides services to manage your Brown Account password.
CS Kerberos Passwords
The CS Kerberos password is a leftover/workaround being used during the 2017-present OIM and file system migration. For new accounts created after August, 2017, this password is stored in ~/.initial-kpasswd. To change the CS Kerberos password, open a shell prompt, and run
*Users who've setup their CS account prior to August, 2017, would know this as their *old* CS login password or CS Kerberos Password.
New users start out with no LDAP password, which means they can't log into services using LDAP. To set or change your LDAP password yourself, you must know your CS Kerberos password. If you do, log into a Linux system, open a shell prompt, and run
For new accounts created after August, 2017, your CS Kerberos password is in ~/.initial-kpasswd. You do not need to know your current LDAP password to change your LDAP password.
Your LDAP password is used for a great number of services. If you have it saved in any of your applications and you change it, you will need to reconfigure your applications to remember your new password.
Forgot Your CS Kerberos Password from Spring 2017 or earlier?
Mail firstname.lastname@example.org and request a CS Kerberos password reset.
We do our best to follow the CIS password policy. Therefore, we need to enforce the following requirements on LDAP passwords:
- Passwords must contain at least three character classes. Character classes include lowercase letters, uppercase letters, digits, and punctuation marks.
- Passwords must not be broken by our password cracker. Simple passwords, such as dictionary words, will fail this test, but most complex passwords should be fine.
- Your password cannot be the same as any of your previous 10 passwords.
After changing your password, you must wait a day before changing it again.
Why Two Passwords?
We are in the process of migrating our own identity services to those provided by the University. When we are finished, your Brown Account password will be the only password you need to remember.