.TH PASSWD 1 .SH NAME passwd, netkey, iam \- change user password .SH SYNOPSIS .B passwd [ .I authdom ] .PP .B netkey .PP .B auth/iam [ .I username ] .SH DESCRIPTION .I Passwd changes the invoker's Plan 9 password and/or APOP secret. The Plan 9 password is used to login to a terminal while the APOP secret is used for a number of external services: POP3, IMAP, and VPN access. The optional argument specifies the authentication domain to use if different than the one associated with the machine .I passwd is run on. .PP The program first prompts for the old Plan 9 password in the specified domain to establish identity. It then prompts for changes to the password and the secret. New passwords and secrets must be typed twice, to forestall mistakes. New passwords must be sufficiently hard to guess. They may be of any length greater than seven characters. .PP .I Netkey uses the password to encrypt network challenges. It is a substitute for a SecureNet box. .PP These commands may be run only on a terminal, to avoid transmitting clear text passwords over the network. .PP .I Auth/iam can be run only by the the host owner (the user specified as the contents of .BR /dev/hostower ). With it both the identity and password of the host owner may be changed. For example, if start a terminal and log in as .LR tor , you may later change identity to .LR supertor . If the host owner changes, all processes running as the host owner also change their identity to the new user id. .PP Without an argument, .I Auth/iam just sets the password of the host owner. This can be used on machines like the Bitsy which have no possibility of user input until the bootstrap procedure has already started a number of processes. .SH FILES .B /dev/key .SH SOURCE .B /sys/src/cmd/auth/passwd.c .br .B /sys/src/cmd/auth/netkey.c .SH "SEE ALSO" .IR encrypt (2), .IR cons (3), .IR securenet (8) .PP Robert Morris and Ken Thompson, ``UNIX Password Security,'' .I AT&T Bell Laboratories Technical Journal Vol 63 (1984), pp. 1649-1672