Resetting your Fermi Windows Domain Password

From your Computer
From the main Windows 2000 screen, press Ctrl + Alt + Delete to bring up the Windows Security dialog box. Select Change Password... to bring up the Change Password dialog box.
Choose from the pop-up list or type in the domain or system for which you want to change your password. The one to which you are currently logged on is displayed. You must first enter your old password, then the new password must be entered twice, for confirmation. Click OK to complete the change.

Local Support
If you have problems reseting your password contact your Fermi Domain Support Person. If you are not sure who your support person is, you can contact your Windows Policy Committee member, or the Computing Division Helpdesk at ext 2345 or http://helpdesk.fnal.gov.

From a machine in the Fermi domain
Log on to any PC that is a member of the Fermi Windows 2000 domain and is either onsite or using a lab VPN connection. You will be prompted to change your password.

Windows 2000 or XP Desktop/Laptop
You must have a .FNAL.GOV address for the following to work. Obtaining an ip address via DHCP while on the Fermilab site or by establishing a VPN connection to FNAL will give you a .FNAL.GOV address.

VPN account information can be found at: http://computing.fnal.gov/vpn/

• Press Ctrl+Alt+Del to open the Windows Security dialog box.
• Select Change Password.
• Enter your username and domain in the User name text box in this format: username@fermi.win.fnal.gov
• The Logon to text box should be greyed out.
• Enter your old password in the Old Password text box.
• Enter your new password in the New Password text box.
• Re-enter the new password in the Confirm New Password text box.
• Click OK.

• Bring up the Control Panel (Start -> Settings -> Control Panel)
• Double click on "User Accounts"
• Click on "Change the way users log on or off
• Clear the box next to "Use the Welcome Screen"
• Click on "Apply Options"
• Follow the instructions above to change your password (Ctrl-Alt-Delete etc)
• Change the "Use the Welcome Screen" option back if you wish.

Local Support
Contact your Fermi Domain Support Person. If you are not sure who your support person is, you can contact your Windows Policy Committee member, or the Computing Division Helpdesk at ext 2345 or http://helpdesk.fnal.gov.

• Does not contain your name or username.
• Contains at least ten characters.
• Contains characters from each of the following three groups:
  • Uppercase and/or lowercase letters
  • Numerals (0 through 9)
  • Symbols (characters that are not defined as letters or numerals, such as !, @, #, and so on)
• Is very hard for a person or program to guess

• Your Kerberos password must be known only to you.
• Make sure that you do not write it down anywhere that someone could find it.
• Do not put it in a file (encrypted or not).
• As a usual practice, type it only at the console of a system on which you authenticate.
• Only on very rare occasions, when you have no other choice, may you pass it over a network connection. The connection MUST BE ENCRYPTED. Verify that ALL connections in the chain are encrypted.
• Choose a character string different from your Kerberos password for all other passwords and other objects. (The one exception: your passwords for the FNAL.GOV and FERMI.WIN.FNAL.GOV realms can be the same.)
• If you mistakenly type your Kerberos password over the network on an unencrypted channel, please change your password immediately!