Passwords
•
What is a "good" password?
•
I used Microsoft Explorer to enroll. Why didn't it ask me for a password?
•
I did not specify a password when I got my Digital ID but now Netscape
Navigator is prompting me to enter a password.
•
How do I change my password using Microsoft Internet Explorer, Outlook, or
Outlook Express?
•
How do I change my password using Navigator or Communicator?
•
I forgot my Navigator or Communicator password.
•
Netscape Navigator keeps asking me for my password even after I have entered
it.
•
How do I know when to enter the password for my Digital ID?
•
Can I change how often I am asked to enter my password for the Digital ID?
•
I saw a form on a Web page that asked for my password for the Digital ID. Why
do they need it?
•
Someone stole my computer, and I had elected to NOT password-protect my private
Digital ID.
--------------------------------------------
What
is a "good" password?
A
good password is one that is long enough and unusual enough that an exhaustive
search (such as by using a dictionary) is not likely to reveal it. A good
password is easy for you to remember but difficult for someone else to guess.
Use
a password of at least eight characters. Do NOT use something obvious or easily
traceable to you, such as your telephone number, birth date, or the name of a
member of your family. Do NOT use an ordinary English word, a familiar jargon
term, or a password that you have previously used. If you write down your password,
do not store it in an easily accessible place.
See
http://csrc.nist.gov/fips/fip112-1.wp and http://csrc.nist.gov/fips/fip112-2.wp
concerning password usage.
--------------------------------------------
I
used Microsoft Explorer to enroll. Why didn't it ask me for a password?
Microsoft
Explorer protects your private key with the Windows log on password, not with a
separate password.
If
you use Internet Explorer 4.0 or higher you can choose to use a password to
protect your Digital ID. To do this you should revoke the Digital ID and enroll
for a new one. When you get to the enrollment page do the following;
Chose
the option called "Additional Security for Your Private Key", fill
out the rest of the enrollment form
After
hitting submit you will be asked to verify your E-mail address
You
will then get a dialog box letting you choose the level of security, click on
the button, "Set Security Level" chose "High". This option
makes you enter a password every time you use your Digital ID.
This
dialog box will ask you which item your creating a password for. You can do it
in two different ways
You
can use the name the browser has given the Digital ID, which is the option
selected as the default or
You
can name the Digital ID yourself, click "Create a new password for this
item" and enter the information including the password. Move to the next
step of entering the password (yes again).
Enter
the password of your choice. You will be asked to enter it twice. Do not get
confused, the dialog box looks exactly the same both times you are asked to
enter it.
IMPORTANT
Do not choose "Remember password". By choosing this you will never be
asked to enter your password. By choosing this option it is basically like not
having a password.
Continue
with picking up and installing your Digital ID.
--------------------------------------------
I
did not specify a password when I got my Digital ID but now Netscape Navigator
is prompting me to enter a password.
Because
of a problem in some versions of Netscape Navigator 3.0, the password dialog
displays whether or not you specified a password when you requested your
Digital ID. Click the OK button to dismiss this dialog--you do not need to
enter anything in the password field.
--------------------------------------------
How
do I change my password using Microsoft Internet Explorer, Outlook, or Outlook
Express?
When
using any of the programs above your Digital ID does not have its own password.
It is protected by the Windows log on password, unless you chose one at the
time of enrollment to use a password. You would have done this by choosing the
option called "Additional Security for Your Private Key" and then
selecting "High" for the level of security. If this is the case you
cannot change the password. You will have to revoke the Digital ID and enroll
for a new one.
--------------------------------------------
How
do I change my Navigator or Communicator password?
Click
on the security icon from the main toolbar in Navigator (its the icon that
looks like a padlock). Choose "Passwords" from the menu on the left.
Click the Change Password button and follow the instructions in the dialog box
which appears.
--------------------------------------------
I
forgot my Navigator or Communicator password.
For
security reasons your password is never sent to us, so unfortunately we will
not be able to retrieve it for you. You will have to revoke the Digital ID and
enroll for a new one. But before you enroll for a new one you MUST manually
delete the Digital ID from the browser. If you do not do this you will not be
able to use you new Digital ID. The new Digital ID would still have the old
password, which you forgot, once again making the new certificate unusable. To
delete your Digital ID files from your hard drive:
Exit
Netscape
Delete
the key3.db and cert7.db files located in your Netscape folder (Windows users
will find these files in Program Files/Netscape/Users/default and Macintosh
users will find them in System Folder/Preferences/Netscape f/Security)
Start
Navigator
Note:
if you do not want to delete all of your Digital IDs, please contact Netscape
Customer Service for assistance with bypassing the password protection.
--------------------------------------------
Netscape
Navigator keeps asking me for my password even after I have entered it.
When
you enter an incorrect password, Navigator gives you a blank password field to
allow you to try again. Make sure you are entering your password exactly as you
established it, with the same capital letters, numbers and spacing.
If
Navigator will not accept your password, you will need to follow the
instructions in question above for deleting and revoking your Digital ID and
enrolling for a new one (for security reasons your Netscape password is never
sent to us, so unfortunately we will not be able to retrieve it for you).
--------------------------------------------
How
do I know when to enter the password for my digital certificate?
Netscape
users
Depending
on the time you set Netscape Navigator, Communicator and Messenger will ask you
for the password when the digital certificate is used or asked for by another
program. The dialog box Netscape uses to ask for your password refers to the
password for your Digital ID as "password or the pin for Communicator
Certificate DB". To change the frequency Netscape asks you to enter your
password refer to the question above.
Microsoft
users
Unless
you specifically asked for "Additional Security" at the time of
enrollment you won't have a password word specifically for your Digital ID.
Microsoft Internet Explorer, Outlook and Outlook Express uses the Window's log
on to protect the Digital ID. For more information on how to get a password for
your Digital ID refer to the question above.
If
you did set your security setting to high Microsoft will give you a dialog box
saying "Signing data with your private exchange key!" every time you
use the Digital ID.
IMPORTANT
Do not use the option "Remember password". By using this option it is
as if your Digital ID does not have a password. Note: You should never enter
your password in a form retrieved over the Internet. Only enter it into dialog
boxes generated by Netscape or Microsoft. For more information refer to the
question below.
--------------------------------------------
Can
I change how often I am asked to enter the password for my Digital ID?
Netscape
users
Yes,
follow the steps below
Click
on the security icon (the padlock at the top of the browser window) in Netscape
Navigator or Communicator
Choose
"Passwords"
Make
your choice under "Communicator will ask for this Password:"
Microsoft
users
Unfortunately
you can't change the frequency Microsoft programs ask for your password. You do
have two choices to get around this. Next time you are asked to give your
password you can choose the option "Remember password". You will
never be asked for the password again. If you don't feel comfortable with that
option you can revoke the Digital ID and enroll for a new one. By doing this
you can get another Digital ID and choose a different security setting. You may
prefer the medium setting. This setting will let you know when your Digital ID
is being used and will ask for permission, but not a password.
--------------------------------------------
I
saw a form on a Web page that asked for my password for the Digital ID. Why do
they need it?
They
DON'T. Never provide your password to anyone. No legitimate business ever needs
to know this information.
--------------------------------------------
Someone
stole my computer, and I had elected to NOT password-protect my Digital ID.
Immediately
revoke the Digital ID and enroll for a new one. Note: Although relying parties
should always check the revocation status of a Digital ID, some relying parties
might not have done so. It is a good idea to inform anyone that may be affected
that your private key (Digital ID) has been compromised.
--------------------------------------------