NERSC logo National Energy Research Scientific Computing Center
  A DOE Office of Science User Facility
  at Lawrence Berkeley National Laboratory 		Site Map | Help | Search
Login
Home About News & Publications HPC Users Projects
Systems Services Analytics Status & Statistics Help

HPC Users

Accounts & Allocations

Account Management
How to get an Account
How Accounts are Managed
Accounting Interface (NIM)
Computer Use Policies
Passwords
Account Ownership Policy
Acknowledgement Policy

Quick Links

NIM Login
Navigation column
for this page:

 
Forgot your password? Call 1-800-66-NERSC (510 486-8600), menu option 2.

NERSC Password Policy and Procedures

A user is given a username (also known as a login name) and associated password that permits her/him to access NERSC resources. This username/password pair may be used by a single individual only: passwords must not be shared with any other person.

Passwords must be changed as soon as possible after exposure or suspected compromise. Exposure of passwords and suspected compromises must immediately be reported to NERSC at security@nersc.gov or the Account Support Group, support@nersc.gov.

Password and Account Protection

NOTE: Each user is responsible for all activities originating from any of his or her username(s).

A username/password pair must NOT be shared under any circumstances. Users who share their passwords will have their access to NERSC disabled. Users should not leave clear-text passwords in a location accessible to others or secured in a location for which protection is less than that required for protecting the information that can be accessed using the password.

See Account Ownership Policy.

New Users

NERSC must have a signed user policy form on file before assigning a user a password on a NERSC system. Once this form has been signed, NERSC will contact the user by phone to assign a temporary password and to activate the username(s) on the appropriate systems. The temporary password is only good for 24 hours. The user should login to NIM with this password, and immediately choose a new password. After about 10 minutes, this new password may be used to login to any NERSC computer.

Login Failures

NOTE: Your login privileges will be disabled if you have three login failures while entering your password on a NERSC machine. Call the Account Support group at 800-666-3772, menu option 2, or 510-486-8612 to have your login failures cleared. You do not need a new password in this situation.

Obtaining a New Password from NERSC Account Support

If you have forgotten your password, call the Account Support group at 800-666-3772, menu option 2, or 510-486-8612 to get a new temporary password. The temporary password is only good for 24 hours. You should login to NIM with this password, and immediately choose a new password. After about 10 minutes, this new password may be used to login to any NERSC computer.

Changing Your Password

Passwords must be changed under any one of the following circumstances:

  • At least every six months.
  • Immediately after giving your password to someone else.
  • As soon as possible, but at least within one business day after a password has been compromised or after you suspect that a password has been compromised.
  • On direction from NERSC staff.

Your new password must adhere to the Department of Energy requirements below.

All of NERSC's computational systems are manged by the LDAP protocol and use the NIM password. Passwords cannot be changed directly on the computational machines, but rather the NIM password itself must be changed:

  1. Point your browser to nim.nersc.gov and login to NIM.
  2. Select Change NIM Password from the Actions pull-down list in the NIM main menu.

See HPSS Passwords and Authentication for instructions on how to change HPSS passwords.

Department of Energy Password Requirements

As a Department of Energy facility, NERSC is required to adhere to Department of Energy guidelines regarding passwords. The following requirements conform to the Department of Energy guidelines regarding passwords, namely DOE Order 205.3 and to Lawrence Berkeley National Laboratory's RPM  §9.02 Operational Procedures for Computing and Communications.

Different NERSC systems have different software environments with minor variations in software constraints on passwords. When users are selecting their own passwords for use at NERSC, the following requirements must be used. It is the responsibility of the user to select a password that adheres to the following requirements, regardless of whether or not the system is capable of enforcing them.

  • Passwords must contain at least eight nonblank characters.
  • Passwords must contain a combination of upper and lowercase letters, numbers, and at least one special character within the first seven positions.
  • Passwords must contain a nonnumeric letter or symbol in the first and last positions.
  • Passwords must not contain the user login name.
  • Passwords must not include the user's own or (to the best of his or her knowledge) a close friend's or relative's name, employee number, Social Security number, birthdate, telephone number, or any information about him or her that the user believes could be readily learned or guessed.
  • Passwords must not (to the best of the user's knowledge) include common words from an English dictionary or a dictionary of another language with which the user has familiarity.
  • Passwords must not (to the best of the user's knowledge) contain commonly used proper names, including the name of any fictional character or place.
  • Passwords must not contain any simple pattern of letters or numbers such as "qwertyxx".
Computing Sciences | Computational Research Division | ESnet
LBNL Home
Page last modified: Mon, 27 Jun 2005 22:08:58 GMT
Page URL: http://www.nersc.gov/nusers/accounts/management/password.php
Web contact: webmaster@nersc.gov
Computing questions: consult@nersc.gov

Privacy and Security Notice 		DOE Office of Science