DALnet Password Guide
26th February 1997
revised 23rd July 2000
This is a basic tutorial on DALnet nickname and channel passwords. In addition to explaining the NickServ and ChanServ password commands it also explains how to choose a good password and offers other related advice. It is always useful to know how to pick a good password, for DALnet or anywhere else you might need one.
If you have any comments on this guide, please send them to docs@dal.net.
Table of Contents
Introductory Note
1. NickServ and ChanServ Password Commands.
2. Choosing a Password.
3. Identifying with NickServ/ChanServ.
4. If you Forget your Password (Finding a CSop).
5. Losing your Nicknames and/or Channels.
Introductory Note
When a command says <nick> or <channel> or <pass> instead of typing that replace it with your nick or channel name or password.
The commands are in the format /nickserv (and parallely for the other services). This is a server-side alias. If it does not work for you try /quote nickserv or /msg nickserv. But the msg format is less secure because typos can cause the command to go to an actual user. If your client supports multiple windows, always send commands in your status window so that you have a smaller chance of missending a command.
1. NickServ and ChanServ Password Commands:
IMPORTANT:
!!! A nickname or channel password is proof of ownership for that !!!
!!! nickname/channel. Do not tell your passwords to other people. !!!
The first thing we should discuss is the password syntax for nickname and channel registration with DALnet's Services...
The commands are as follows:
- for Nickname Registration:
/nickserv register <pass>
Note: your nick is not required, as NickServ registers the nickname you are currently using.
- for Channel Registration:
/chanserv register #channel <pass> <description>
Note: your password replaces <pass> in the command line.
Note: Description can be any short sentence or phrase which describes the channel. It can be anything but must be included.
2. Choosing a Password:
There are some criteria for what can and cannot be used as a password by Services...
These include:
- Passwords must be one word without any spaces included.
- Cannot use your nickname as a password for your nickname.
- Cannot use the word password as a password.
- Passwords can be as long or short as you like, whole sentences if you prefer. :)
- Passwords are case sensitive, meaning that if you use capital letters in your password when you register, you need to use the same when trying to gain access.
There are several considerations for choosing a password for your nickname and channel. We will discuss these one by one:
#1: Do not use your real name, address, phone number or other such info as a password, as such will most likely be the first information tried for guessing your password.
#2: The prepending (adding in front) or appending (adding to end) of a numeral or letter to your nickname as a password is a little more secure than using your real name, but is still a bad idea for a password. e.g.
<Jonathon> /msg nickserv register Jonathon1
#3: A password should not be an English or even a real word if possible...There are programs available that will check thru every word in a dictionary to see if password is one of those.. A bit extreme, but some users/hackers will go to the limits for such information. note: This is especially true for such things as computer account passwords, but is not really a big danger on DALnet.
#4: Using various patterns of capital letters and characters in your password will make it harder to guess for those trying to break your code since it increases the possible variations. For example: using Goober is good and fine.. but using gOoBEr is better. :)
#5: The best kind of password is a totally random string of characters, but they are hard to remember unless written down.
#6: Passwords can be as short or long as you like.. Obviously, using a very short password is a bad idea as it can easily be guessed, while using a longer one is harder to guess. It is entirely a good idea to think up a whole sentence that you can remember and then use it for your password. Such as:
babydragonsarecalledhatchlingsordwaggies
Fe_Fi_Fo_Fum_I_smell_the_blood_of_an_englishman
Additional Note:
Make sure you get the capitalization right when using these kind of passwords!
#7: Some users like to re-use passwords for all their nicks and channels.
While this is easy to remember, it also makes it easy for someone to gain access to all your nicks and channels if they gain access to your one password.
#8: A common idea is to write down your password so it can be as weird as you desire without having to remember it exactly. While this is a great idea and commonly advised, make sure you do not 'keep' the written password where anyone can see it. Such as on a post-it note on your monitor... Use common sense in these cases as in anything. :)
#9: For those users that want to make password selection into a science of its own, here is a sample of a 'system' of selection that can be committed to memory and almost guarentees your password not being
guessed by anyone. :)
- Pick a sentence you find easy to remember.
- Make up a "rule" by which you pick letters from the sentence, could be anything like this: all the first letters of the words, all the second letters of the words, all the last letters of the words, or the first letter from the first word, the second letter from the second word, etc..
- After this, vary the case according to some other rule, or put a special character in the middle of it, or something similar, so that the password is not just composed of letters (and possible numbers)
- You can use this scheme for all of your passwords, if you just make sure that at least 1, and preferably 2 characters change for each password (for instance, add 2 letters from the computers/systems name after the final password)...
That about covers the different do's and dont's for password selection...
As always, you can take a little bit from here and there and make your own unique system of selection.
!!! SUGGESTIONS:
- Always change a password if you suspect someone might have found it out.
- It is a good idea to change the password regularly (weekly, monthly, every half year, etc..) -- this way, if someone does find it out and you don't notice it, they cannot go on accessing your nickname/channel forever.
3. Identifying to NickServ and ChanServ:
Upon occasion, you will be required to identify to NickServ or ChanServ with your password; most times this is to change a Nickname's or Channel's setting and sometimes to make NickServ recognize you from a different account. To ensure that you are not sending your password to the wrong place, make sure you are on DALnet before sending any passwords -the server name will have dal.net in it (i.e. hebron.dal.net)
Many users will come across the idea of using an "auto-identify" script that sends a automatic identify command to NickServ or ChanServ upon logging on.
While this is very convenient and you will not lose your password unless you have system crash where you lose your script files, the obvious problem is that if anyone else uses your computer, they have access to your passwords quite easily. We advise against this unless you are the sole user of your computer. You have to remember to make sure that if you use any other net than DALnet, NickServ and ChanServ nicks are not a special case in those networks, and anyone could be using them. Thus if you send an auto-message to NickServ identifying yourself, and are on another net, they will get to know your password and can then come and claim your nickname on DALnet. This is not just paranoia, it has happened - so be VERY careful with scripts which send out your password.
If you want to use an auto script to identify yourself, ask in one of DALnet's recommended scripting help channels for advice on how to have the script check to be sure Services are legitimate.
Things to check for when auto-identifying:
- address for NickServ/ChanServ is service@dal.net
- they are using the server "services.dal.net"
- you are on a server which name ends in "dal.net"
4. If you Forget your Password:
DALnet will do its best to try to recover lost passwords, but it's extremely difficult for us to establish identity correctly. There are only a few people allowed access to passwords, these people are called CSops. If the password is lost, it is very difficult for CSops to totally verify that you are the owner of that nickname or channel. In most cases, a CSop will NOT give you the password unless they are 100% sure of you. Therefore, with password problems, be prepared to accept that you could lose your nickname or channel.
There is only one sure way of establishing nickname/channel ownership, and that is with the password.
DALnet holds that it is the user's responsibility to look after any/all nickname and channel passwords. We will do what we can in problem situations, but that might not be a lot in every case.
Before you look for a CSop to help with password problems, you should check these things:
"My password does not work!"
#1: Are you using the correct command?
- For identifying for nicknames, the command is
/nickserv identify <yournickpassword>
Replace <yournickpassword> with your password, without including the < and > around it unless they really are part of your password. Make sure you are using the right nickname at the time.
- For identifying for a channel as the founder, the command is
/chanserv identify <#channel> <yourchannelpassword>
Replace <#channel> with your channel name, with the # in front but without the < and > around it. Replace <yourchannelpassword> with your password, without including the < and > around it unless they really are part of your password.
#2: Check that your nickname or channel hasn't expired, and that it appears to be yours.
- The command to check for information on a nickname is:
/nickserv info <nickname>
Replace <nickname> with your nickname, without the < and > around it.
- With the above command, make sure that the "last seen" and "time registered" info looks correct.
- If a nickname or channel goes unused for a time (currently, 20 days), it will "expire" due to unuse. If you use your nickname regularly this should not be a problem, but it's worth checking. If a nickname or channel expires, another user is free to register it. If the founder's nick expires, a channel will expire regardless of
use.
- If you are sure you have used your nickname or channel regularly so that it hasn't expired, and suspect it has been "stolen" by someone, you can seek out the help of CSops.
#3: Passwords are case sensitive.
- One of the most common "bad password" problems is caused by passwords being case sensitive. If your password is "Apple", trying to use "apple" does not work. Similarly, if it is "biCYCle", trying to use "bicycle" does not work.
#4: Did you accidentally include the < and > around your passsword?
- Passwords do not usually include the < and > around them, but it is common to accidentally include them when registering a nickname or channel, if you follow the examples of registration commands to the letter.
- You could also have put some other characters around the password, such as *'s, "'s, []'s, ()'s, etc., depending on the example for the register command which was originally shown to you.
#5: Check that your password not the word "pass".
- Sometimes people accidentally use "pass" (with or without the quotes, or perhaps other characters around it, as mentioned above) as their password -- it's worth checking unless you're positive this does not affect you. Other variants are "password" or "mypass".
- For channels, sometimes people forget to put the password in, and the first word of the description becomes the password. Check that the description of your channel doesn't have the first word missing, if that's the case then likely it ended up as the channel password.
#6: If none of the above work, you should seek the help of a CSop.
"I forgot my password!"
#1: Did you REALLY forget the password?
- If you think you know what your password is, but it doesn't work, see above for the answer to "My password does no work!"
#2: If you remember part of the password, but not enough to begin even guessing what it might be, a CSop might be able to help you.
#3: If you lost your password completely
- For nicknames, your best bet is to not use your nickname for roughly a month (currently, 20 days) and wait for your nickname to expire, and then register it again.
- For channels, if you do know your nickname password, you should seek out a CSop to help you recover the channel password.
"What password? I don't have a password!"
#1: All nicknames and channels have a password for owner access.
- The password was specified when you registered your channel or nickname. You cannot register without specifying a password, so even if you think you don't have one, you do. At the time of registering your nick or channel, NickServ/ChanServ sent back a notice telling you the password you used.
- The register commands are:
/nickserv register <password>
/chanserv register <#channel> <password> <description>
From here, you can see where the password appears in the register command. Maybe that helps you to remember what you used for your password.
#2: If that does not help, see "I forgot my password!", above.
Finding CSops
#1: Find one yourself
- You can get a list of CSops by looking at the services MOTD page, which you can view by typing "/motd services.*". Not all of the people are going to be online, and even if CSop is online they could be busy with other duties. Be polite when asking for help.
- To locate a CSop from the list, you can type "/whois <nick>" to see if that person is online. If they are, you can use the normal "/msg <nick> <message...>" way of sending them a message, asking for help.
- Make sure that the CSop is legitimate -- all CSops are IRC operators, so check that the user who you are talking to is one and not an impersonator. If the /whois information for that person does not show them as an IRC operator, politely ask them to turn on their operator status so you can verify their legitimacy.
#2: Join a channel to find help in finding one
- You could find a CSop, or a person who could find a CSop for you, in the DALnet IRC operator help channel #Operhelp
- People on help channels (#dalnethelp, #irchelp, #help, ...) might be able to help you in finding a CSop too.
note: CSops are not required to provide you with the password if they question your rightful ownership to such nick or channel.
5. Losing your Nicknames and Channels:
Nicknames and Channels have a expiration date of nonuse when Services will drop them from the Registry. For Nicknames it is 20 days without being used by the owner and for Channels it is 20 days without ChanServ OPing someone in that channel or when the founder's nick expires. These Nicknames and Channels are then up for grabs...
As always, if you have any questions about the use of passwords in DALnet services, come to #Dalnethelp and ask one of the helpful Ops or helpers to clear your confusion.
And if you have a problem with a user gaining access to your nick or channels illegally, go to #Operhelp and ask for a CSop to help you with that problem.
And again, please try to remember your password as this saves a lot of time and allows you to enjoy DALnet all the more. :)
Good luck and enjoy DALnet,
Drakkar
Proud user of the DALnet IRC Network
Thanks to Wizzu for suggestions on filling out the topics :)
This file is Copyright (C) by the DALnet IRC Network.
Revised by Surel
IRC: /server irc.dal.net 7000 (also port 6667)
The Info on WWW: http://www.dal.net
DALnet FTP site: ftp://ftp.dal.net
IRC Mailing lists: http://www.dal.net/documentation/lists.html
Network! Email: help@dal.net (help), docs@dal.net (help documents),
comments@dal.net (comments and suggestions)
