Passwords

All accounts have two different passwords associated with them: Brown Account and CS LDAP. Their usage is explained in the table below. In general, services which grant full filesystem access require your Brown password. Other services use LDAP. You should pick different, secure passwords for each.

  Brown Account LDAP
What is it used for?
  • Logging into Linux
  • Logging into Windows
  • Accessing CIFS
  • Unlocking a locked screen
  • Obtaining Kerberos tickets with kinit
  • Department wikis
  • OpenVPN
  • Postgres database
  • Printing (e.g. lprm command)
  • Jabber IM server
How do you change it?

 Visit https://myaccount.brown.edu/

 /local/bin/ldappasswd

Brown Account Passwords

Computing and Information Services (CIS) provides services to manage your Brown Account password.

CS Kerberos Passwords

The CS Kerberos password is a leftover/workaround being used during the 2017-18 OIM and file system migration. For new accounts created after August, 2017, this password is stored in ~/.initial-kpasswd.

*Users who've setup their CS account prior to August, 2017, would know this as their *old* CS login password or CS Kerberos Password.

LDAP Passwords

New users start out with no LDAP password, which means they can't log into services using LDAP. To set an initial LDAP password, follow the password changing instructions next.

To change your LDAP password, log into a Linux system, open a shell prompt, and run

/local/bin/ldappasswd

You wil need to know your current Brown Account password. You do not need to know your current LDAP password to change your LDAP password.

Warning

Your LDAP password is used for a great number of services. If you have it saved in any of your applications and you change it, you will need to reconfigure your applications to remember your new password.

Forgot Your LDAP Password?

Simply run the /local/bin/ldappasswd command as described above. You don't need to know your current LDAP password to change it.

Password Requirements

We do our best to follow the CIS password policy. Therefore, we need to enforce the following requirements on LDAP passwords:

After changing your password, you must wait a day before changing it again.

Why Two Passwords?

We are in the process of migrating our own identity services to those provided by the University.  When we are finished, your Brown Account password will be the only password you need to remember.