What is Password (in computer science)?
A secure identifier that enables a user to access a secured resource. For example, a password can be used to log on to a network and access personal files.
Passwords are a part of a user’s credentials, which include, at a minimum, the username and password, and in a multidomain Microsoft Windows 2000–based or Windows NT–based enterprise also include the user’s domain.
Passwords are generally known only to users themselves and possibly to members of the Administrators or Account Operators group on Windows 2000–based or Windows NT–based networks.
If a user forgets his or her password, the user cannot log on to the network without contacting the administrator. On a Windows NT network, the administrator uses the tool User Manager for Domains to create a new password for the user. On a Windows 2000–based network, the administrator uses the Computer Management tool to create a new password for the user.
When establishing a password policy for your company, you should determine
- Who will control passwords - the administrators or the users. Giving users control over their own passwords makes them completely responsible for their systems and personal folders. You can configure Windows NT and Windows 2000 so that the first time users log on to the network they must change their initial password to one that only they know. This is usually the best solution.
- How complex passwords should be and how often they should be changed. If you make passwords too complex, such as random scrambles of letters, numbers, and symbols, the network might be less secure instead of more because users are likely to write down a difficult-to-remember password and tape it under their keyboard or in some other handy location. Also, if passwords must be changed frequently, users will typically make simple changes such as adding an incremental number to the end of each new password. The best policy is usually to require a password of six to eight characters that doesn’t change and to teach users to select passwords that do not include family names, addresses, postal codes, and so on. Passwords should usually be simple combinations of letters and numbers, such as «blue144» or «max13one».