Password Security


It's unfortunate that this book must discuss this topic, but poor passwords or no passwords can lead to an insecure server. When you set up a server for the first time, you enter an initial administrator account. This account's password is also the password for the root account, which is enabled on Mac OS X Server by default. This situation presents several issues and several possible ways you can help reduce the risk of someone cracking or guessing your password.

For the user's short name, use a name that's difficult to guess. For example, you might make the administrator's short name q9tr73m1. It's a combination of both letters and numbers, which makes guessing the username even more difficult.

Set the password using the same complex method of combining letters and numbers, both uppercase and lowercase in this case.

You can even add an exclamation point in the mix to make the password harder to guess.
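The naming and password guidance above, together with the chapter's later caveat that capital letters in the administrator short name break Kerberos KDC setup, as a pre-check script. This is an added example, not code from the book; the 8-character minimum is an assumption, since the text gives no length.

```python
import string

# Guidance from this chapter: administrator short names mix lowercase
# letters and digits (no capitals, or the Kerberos KDC setup fails);
# passwords mix upper- and lowercase letters, digits and punctuation.
MIN_PASSWORD_LENGTH = 8   # assumed threshold; the book gives no number


def check_short_name(short_name):
    """Return a list of problems with a proposed administrator short name."""
    problems = []
    if not short_name.isascii() or not short_name.isalnum():
        problems.append("short name must be ASCII letters and digits only")
    if any(c.isupper() for c in short_name):
        problems.append("capital letters break Kerberos KDC setup")
    if not (any(c.isdigit() for c in short_name)
            and any(c.isalpha() for c in short_name)):
        problems.append("mix letters and digits to make the name hard to guess")
    return problems


def check_password(password, short_name="", root_password=None):
    """Return a list of problems with a proposed administrator password.

    short_name:    reject passwords that embed the account name.
    root_password: reject reuse of the root password (the book advises
                   keeping the admin and root passwords different).
    """
    problems = []
    if len(password) < MIN_PASSWORD_LENGTH:
        problems.append(f"shorter than {MIN_PASSWORD_LENGTH} characters")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no punctuation such as '!'")
    if short_name and short_name.lower() in password.lower():
        problems.append("contains the account short name")
    if root_password is not None and password == root_password:
        problems.append("identical to the root password")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(check_short_name("q9tr73m1"), check_short_name("Admin1"))
    print(check_password("Zx7!kQ2m", "q9tr73m1"))
```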

After the server is set up, you may wish to change the root password to something even more complex. Making the root password and the initial administrator account password different also increases security. In some circumstances, you might even disable root: for instance, if you have a server in your room, and you'd rather use sudo -s as an admin to become root rather than log in directly as root.

To change the root password:

1. Launch the Workgroup Manager tool located in /Applications/Server, and authenticate as the administrator (Figures 10.34 and 10.35).

Figure 10.34. Launch the Workgroup Manager tool located in /Applications/Server, and authenticate as the administrator.


Figure 10.35. The Workgroup Manager application shows the accounts in the LDAP database.


Be Careful!

  • Never use capital letters in the initial administrator's short name. Doing so will prevent the server from properly setting itself up as a Kerberos Key Distribution Center (KDC).

  • If you disable root, you may not be able to promote your server to be an Open Directory master.

  • Never use a password that's easy to guess. You're asking for your server to be compromised.


2. Choose Workgroup Manager > Preferences (Figure 10.36).

Figure 10.36. Choose Workgroup Manager > Preferences.


A Workgroup Manager Preferences dialog opens.

3. Select the "Show system users and groups" check box (Figure 10.37).

Figure 10.37. Select the "Show system users and groups" check box.


Click the OK button to dismiss the dialog.

4. Click the directory authentication icon, and select the /LDAPv3/127.0.0.1 directory database from the pop-up menu (Figure 10.38).

Figure 10.38. Select the LDAP directory from the directory authentication icon.


5. Click the Accounts icon in the Toolbar, and click System Administrator in the Name list.

6. Enter and verify the new password in the Basic tab (Figure 10.39).

Figure 10.39. View the user database to show the System Administrator (root) account and change the password for that account.


7. Click the Save button to save the password change.

8. Go to step 4, and select the Local database from the directory authentication icon (Figure 10.40).

Figure 10.40. Select the Local directory from the directory authentication icon.


Repeat steps 5-7 to change the password for the local root account.

You should change the root account's password in both databases at the same time, to avoid conflicts between the LDAP and local copies.

Tip

  • If you're upgrading from an older version of Mac OS X Server (like 10.2, aka Jaguar), you may wish to reset all passwords for all users. Doing so rewrites the passwords back into the upgraded Password Server database. It's possible that if you had users in a local database, they stored their passwords using the less secure crypt method, as opposed to the more secure Password Server methods.




    Mac OS X Server 10.3 Panther: Visual QuickPro Guide
    ISBN: 0321242521
    Year: 2004
