All accounts have two different passwords associated with them: Brown Account and CS LDAP. Their usage is explained in the table below. In general, services which grant full filesystem access require your Brown password. Other services use LDAP. You should pick different, secure passwords for each.
|What is it used for?||
|How do you change it?||
Brown Account Passwords
Computing and Information Services (CIS) provides services to manage your Brown Account password.
CS Kerberos Passwords
The CS Kerberos password is a leftover/workaround being used during the 2017-18 OIM and file system migration. For new accounts created after August, 2017, this password is stored in ~/.initial-kpasswd.
*Users who've setup their CS account prior to August, 2017, would know this as their *old* CS login password or CS Kerberos Password.
New users start out with no LDAP password, which means they can't log into services using LDAP. To set an initial LDAP password, follow the password changing instructions next.
To change your LDAP password, log into a Linux system, open a shell prompt, and run
You wil need to know your CS Kerberos password. For new accounts created after August, 2017, you may just use the password in ~/.initial-kpasswd. You do not need to know your current LDAP password to change your LDAP password.
Your LDAP password is used for a great number of services. If you have it saved in any of your applications and you change it, you will need to reconfigure your applications to remember your new password.
Forgot Your LDAP Password?
Simply run the /local/bin/ldappasswd command as described above. You don't need to know your current LDAP password to change it.
We do our best to follow the CIS password policy. Therefore, we need to enforce the following requirements on LDAP passwords:
- Passwords must contain at least three character classes. Character classes include lowercase letters, uppercase letters, digits, and punctuation marks.
- Passwords must not be broken by our password cracker. Simple passwords, such as dictionary words, will fail this test, but most complex passwords should be fine.
- Your password cannot be the same as any of your previous 10 passwords.
After changing your password, you must wait a day before changing it again.
Why Two Passwords?
We are in the process of migrating our own identity services to those provided by the University. When we are finished, your Brown Account password will be the only password you need to remember.