Password Security

By | February 1, 2015

One of the simplest ways someone can access a server without authorization is by brute-forcing the root password — running an automated program to try every possible password combination (which may or may not involve using dictionary words). Thus, a few guidelines must be followed to protect your Cloud Server:

  • Passwords should contain characters from at least three of the following four sets:
    • Lower case letters
    • Upper case letters
    • Numbers
    • Symbols
  • Passwords should be no shorter than 9 characters, regardless of complexity.
  • Passwords should not contain or be based on:
    • Your username (or any usernames on the system)
    • The name of the Cloud Server
    • Dictionary words, even in multiples

The root password must be changed immediately upon logging in for the first time. To do this, type:


You will be prompted for your new password.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.