Protecting the password from unauthorized use is the responsibility of the account owner. If a password is compromised, the owner should change it immediately and report the event to AceLab IT.
Slack is a totally inappropriate way to request a password change or any configuration change. IT has a requirement to manage and track changes. All requests need to be put into Redmine: https://redmine.cbrain.mcgill.ca/
A MCIN employee can change their MCIN password at any time https://ace-ldap-1.cbrain.mcgill.ca/fusiondirectory/recovery.php by entering the email address the directory has for them.
Periodically changing this password is strongly recommended. This password need to be 10 characters long.
Virtual machines often have local accounts, for example “lorisadmin”. When these accounts are set up, a temporary password will be set and communicated to the requester by Slack, text message, telephone or paper, never by email or in the ticket which requested the account. The requester will be forced to change the password on first login.
It is the responsibility of the requester to *securely* communicate the password to any other users who need to use it. Sharing accounts is discouraged but is sometimes necessary with our current infrastructure.
On a personal development VM, the owner can change their password as often as they like.
If a local password is forgotten or lost (these things happen), it can be reset as follows: