Differences

This shows you the differences between two versions of the page.

--- en:onboarding [2025/02/16 09:36] – created Webmaster VitaNetworks
+++ en:onboarding [2025/10/29 20:24] (current) – [Setting a new password / Unlocking your account] Webmaster VitaNetworks
@@ Line 4: / Line 4: @@
 It's likely that along the link to this site you received a set of credentials (username and password). If you did not type in the password personally and in a confidential manner but rather it was chosen for you; then it's a temporary password. Meaning, your account lacks a permanent password and thus it's locked. To unlock it you need to set a new password.
+==== TLDR ====
+Go to antipostal.com and log in with the credentials you received. Follow the steps until you access your mailbox. New accounts start several servers on the background; pages will look as if they're not doing anything but they are in fact waiting for the services to come online. Be patient, Avoid refreshing your browser; instead open the site in a private browsing session without closing the one that's waiting—don't make any changes in the newer session, don't accept, decline or cancel anything. You're only doing this to "wake" the servers, if you will.
 ===== Password requirements: special characters =====
@@ Line 11: / Line 15: @@
 ===== Password requirements: length =====
-//How long?// It's best you don't know for sure, at least for the time being. It's recommended to choose a passphrase rather than a password i.e. a sentence. It will be long enough and easier to type. Though your password can include spaces, it's best you avoid them because the support for spaces in passwords varies across apps.
+//How long?// It's best you don't know for sure, at least for the time being. It's recommended to choose a passphrase rather than a password i.e. a sentence. It will be long enough and easier to type. Although the directory service accepts spaces in passwords, it's best to avoid them as application support varies from one app to the next.
-Across apps? What do you mean?
+//One app to the next? What do you mean?//
 ===== The Directory Service =====
@@ Line 19: / Line 23: @@
 The account we're talking about is commonly known as a domain account, or a directory [service] account. A directory service is a form of database but tuned specifically to store user credentials. Various services (or "apps") use the directory to get the user base that will be allowed to access the service. Directory accounts let you share data between apps and use a single username across all services/apps
+They're not just a name or address, they are long random identifiers that are rarely ever seen, even by administrators. Because of this, it's not possible to recover the data of a certain username by simply recreating it. In addition to that, accounts store cryptographic keys that are impossible to reproduce, and each app can further associate random data of the account to create their own unique identifier.
 ===== Setting a new password / Unlocking your account =====
 As mentioned, you're account is locked while it has temporary credentials so you will not be allowed to continue until you set permanent credentials. Most apps and services will inform you about this or fail silently but a few highly secure apps that are allowed to write to the directory will offer you the chance to change your password in the spot. We'll go briefly over a few of them; please note that there are many others not listed here. Whatever works for you is fine.
+==== About passwords' storage ====
+Let's review quickly what it a hash because it's needed: simply put is a very complex mathematical operation that's considered a one-way operation: it's irreversible. Other characteristics of them are that they always result in the same length, regardless of input and it only takes one character it doesn't matter if it's near the beginning, middle or end of it to output a completely different string.
+As it's best practice and the default in Active Directory, passwords are never stored in the directory, what is stored is the hash of the chosen password, this is created through the means used to set it. When authenticating this is done again thus another hash is created which is much easier to process. If it matches the directory's, the user is granted access.
+It's impossible to obtain a forgotten or lost password, it's only possible to change it. The directory does keep a history of hashes, but it doesn't always enforce not to reuse them of if it does, how far it should go.
 ==== Antipostal.com Webmail ====
@@ Line 33: / Line 47: @@
 ADFS has a simple password update app perfect for accounts that had their password reset.
-==== Your own system ====
+==== Your own desktop ====
 This only applies for users logged in on computers joined to the Active Directory domain, for which they need to be connected from which they can "physically" reach the "Active Directory servers" (i.e. Domain Controllers) or that can reach the Domain Controllers through a tunnel.
+Integration compatibility\\
+Windows ((An SKU with the capability of participating in Active Directory domains is needed, typically these are Serve editions or those with monikers such as: "Professional", "Pro", "Enterprise", "Industry Enterprise", "Industry Pro", etc.))\\
+Windows 8.1 or newer\\
+Windows Embedded 8.1 or newer\\
+Windows Server 2012 R2 or newer\\
+macOS\\
+macOS is compatible since Snow Leopard (Mac OS X 10.6 "Snow Leopard") up to current macOS.\\
+macOS stopped being supported on 10.15 due to its closed, locked down nature. However, up to 10.14 support for it is still offered.\\
+Linux\\
+While not supported due to its capability of endless configurations, some readily available distributions support Active Directory out of the box and integrate transparently with the system. Changing one's password from Linux is no possible though but you might get different results. The tested (and recommended) are:\\
+Red Hat Enterprise Linux 8 or later\\
+Debian 11 or later\\
+[[https://zorin.com/os/pro/purchase/|Zorin OS]]\\
+Fedora 30-ish.
 === If you're not logged in ===
-Log in using your temporary credentials. Your systems automatically will ask you to set new credentials.
+Log in using your temporary credentials. Your system automatically will ask you to set new credentials.
 === If already logged in ===
-{{ :ref:5dbd5572f9b54f1e25d950a0b21549b1.png|⌘⎋⏎⏏︎}}
+[[.:ref:keysymbols|{{ :ref:5dbd5572f9b54f1e25d950a0b21549b1.png}}]]
-{{ :ref:5dbd5572f9b54f1e25d950a0b21549b1.png|https://ref.vitanetworks.link/en/ref/keysymbols|}}
+**On Windows**: On the keyboard, press **⌃⌥⌦** to access the **Secure Desktop**, among the options there's an option to change your password.
+{{:en:windows-change-password-logged-in.png?nolink&600|}}
+**On macOS**: Summon Spotlight pressing ⌘spacebar then start typing //Users & Groups// click on the first result you see from System Preferences. Find your account name and click it. You should see a **Change Password…** button if it wasn't shown before. As in its Windows counterpart, this updates the password on the directory as well as on the local account on your system.
-On Windows: On the keyboard, press **⌃⌥⌦** to access the **Secure Desktop**
+PremLINK doesn't actively support macOS systems newer than 10.14 (Mojave).