Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
public:passwd_change [2023-01-31 18:02] – marp | public:passwd_change [2023-02-14 16:41] – vesely | ||
---|---|---|---|
Line 12: | Line 12: | ||
==== for Domain account [D] ==== | ==== for Domain account [D] ==== | ||
+ | |||
+ | {{: | ||
//Username is usualy in the format **nsurname** | //Username is usualy in the format **nsurname** | ||
Line 17: | Line 19: | ||
There are two basic ways how you can change your domain account: | There are two basic ways how you can change your domain account: | ||
- | * → the first way: **Windows login page**< | + | * the first way: **Windows login page** |
- | * → the second way: **Password Self-Service Portal ** | + | * the second way: **Password Self-Service Portal ** \\ <WRAP round center tip 100%> Go to the address **[[https:// |
- | <WRAP round center info 100%> Please note, that there is a transition process of gradual enabling of ' | + | * You can find out your username at the self-service portal → click // |
See [[: | See [[: | ||
==== Email Accounts Passwords ==== | ==== Email Accounts Passwords ==== | ||
+ | |||
+ | {{: | ||
=== for Zimbra email Exchange [X] === | === for Zimbra email Exchange [X] === | ||
+ | |||
+ | {{: | ||
[[https:// | [[https:// | ||
- | Use [[https:// | + | Use [[https:// |
- | <WRAP round center tip 100%> | + | |
+ | User name is in short format (e.g. **jnovak**). | ||
+ | |||
+ | You can also **reset forgotten password** | ||
+ | |||
+ | **Important!** | ||
+ | |||
+ | </ | ||
=== for Zimbra Archive [A] === | === for Zimbra Archive [A] === | ||
- | [[https:// | + | {{:public:pasted:20230214-163833.png}} |
- | === Kerio Mailserver | + | [[https:// |
- | Use Kerio webmail | + | User name is in short format |
+ | |||
+ | You can also **reset forgotten password** | ||
+ | |||
+ | **Important!** | ||
+ | |||
+ | </WRAP> | ||
+ | |||
+ | === === | ||
+ | |||
+ | ---- | ||
===== FACTS / HINTS ===== | ===== FACTS / HINTS ===== | ||
- | * **One account for all services** | + | * **One account for all services** |
- | * Usually you have an **independent password for Email Server Zimbra** - including Webmail, SMTP and IMAP access; This case you can change the email password via Zimbra webmail. Than you can have two different passwords (recommended mode). Use [[https:// | + | * Usually you have an **independent password for Email Server Zimbra** |
- | * If you have an **older account** at CERGE-EI you can still have the **password synced between email and domain**. Coordinate accounts separation with the IT office in advance. __Do not change the email password via Zimbra webmail to make it independent, | + | * If you have an **older account** |
* **Passwords must meet complexity requirements** | * **Passwords must meet complexity requirements** | ||
- | | + | |
- | * Passwords **must contain characters from the following four categories**: | + | * Passwords **must contain characters from the following four categories**: |
- | * **Must be at least 9 characters long ** | + | * **Must be at least 9 characters long ** |
- | * **Passwords remembered by email clients can <font inherit/ | + | * **Passwords remembered by email clients can |
- | * Account is temporarily** locked after several unsuccessful logon attempts** with a wrong password! | + | <font inherit/ |
- | * **Email clients** (like Thunderbird or Outlook), **smartphones** and tablets or **web browsers** (like Firefox or Chrome) **allow password to be remembered**. | + | * Account is temporarily** locked after several unsuccessful logon attempts** |
- | * <font inherit/ | + | * **Email clients** |
+ | * | ||
+ | <font inherit/ | ||
* **Plan well before you change your password! **Recall all devices or applications with stored passwords (especially smartphones and tablets) in advance. | * **Plan well before you change your password! **Recall all devices or applications with stored passwords (especially smartphones and tablets) in advance. | ||
* **Immediately after the password change**, the client password in your mail, smartphone, tablet **must be changed too**. | * **Immediately after the password change**, the client password in your mail, smartphone, tablet **must be changed too**. | ||
Line 65: | Line 90: | ||
===== MORE DETAILED INFORMATION ===== | ===== MORE DETAILED INFORMATION ===== | ||
- | **Locking the account and mailbox** \\ \\ | + | ==== Locking the account and mailbox |
Account is temporarily locked after several unsuccessful logon attempts with wrong password to avoid abuse and brute force password breaking. \\ | Account is temporarily locked after several unsuccessful logon attempts with wrong password to avoid abuse and brute force password breaking. \\ | ||
There are three significant parameters of this feature: | There are three significant parameters of this feature: | ||
Line 78: | Line 104: | ||
Smartphones usually use remembered password repeatedly regardless of its validity. Than you can easily lock the mailbox unintentionally.</ | Smartphones usually use remembered password repeatedly regardless of its validity. Than you can easily lock the mailbox unintentionally.</ | ||
- | __**Threshold parameters - Active Directory**__ \\ \\ | + | ==== Threshold parameters - Active Directory |
The Active Directory (shortly AD) serves as authentication authority for local network shares, desktop login, internal web pages, CEIS, CMS, Reporting etc. \\ \\ | The Active Directory (shortly AD) serves as authentication authority for local network shares, desktop login, internal web pages, CEIS, CMS, Reporting etc. \\ \\ | ||
Account lockout duration: **3 minutes** \\ | Account lockout duration: **3 minutes** \\ | ||
Account lockout threshold: **7 invalid logon attempts** \\ | Account lockout threshold: **7 invalid logon attempts** \\ | ||
- | Account lockout counter reset: **after 3 minutes** | + | Account lockout counter reset: **after 3 minutes** |
+ | |||
+ | ==== Threshold parameters - Zimbra mailer | ||
Number of consecutive failed logons allowed: **10** \\ | Number of consecutive failed logons allowed: **10** \\ | ||
Time to lockout the account: **30 minutes** \\ | Time to lockout the account: **30 minutes** \\ |