Why Does the Cyber Range Use Insecure Passwords for Virtual Machines?¶

The primary reason that the Virginia Cyber Range uses insecure passwords for virtual machines is because users have already been authenticated to the Cyber Range by the time they're presented with a login prompt or are asked for the root/administrator password. Other factors include:

If we used unique passwords for each VM, users would need to remember (or lookup) the password for each environment
If an instructor or TA needs to check work, they'd potentially need to look up the password for each student
In some operating systems or login processes, copy-paste is not supported
In some operating systems, there is poor accessibility support during the login process, or until the user logs in for the first time
If a user needs support, the user would be required to transmit their password over an insecure protocol, which reinforces a bad behavior
In most cases, auto-login to the desktop (which is assisted by having a defined password) allows us to enable some accessibility features on behalf of a student automatically

Have a Question? Contact Support¶

Important

Students, please reach out to your instructor who can submit a ticket to our Support Team on your behalf.

We're here to help you. If you still have questions after reviewing the information above, please feel free to submit a ticket with our Support Team and we'll get back to you as soon as possible.