SixXS::Sunset 2017-06-06

FAQ : AICCU, TIC, Heartbeat & AYIYA : Which password to use?

Other FAQ sections

  • FAQ Item
    • The SixXS password
    • The TIC password
    • The Heartbeat/AYIYA password
  • Username / Password notes

Which password to use?

For users there are three passwords in SixXS:

The SixXS password

This is the main username/password for logging into the website and it can also be used for TIC. This is the combination of username (eg "EXA1-SIXXS") and password provided to you in the approval email.

The TIC password

The is an optional per-tunnel password that can be set in the Tunnel Details page (log in to your user home, select the tunnel from the list).

Instead of specifying just "EXA1-SIXXS" as a username one can use "EXA1-SIXXS/T12345" along with the configured TIC password.

Using a TIC password restricts usage of that TIC session to the given tunnel. This can be handy in situations where a device does not allow for specifying a tunnel_id or to keep the main website password separate from configuration files.

The Heartbeat/AYIYA password

This is a per-tunnel heartbeat/AYIYA password.

This password is negotiated during the TIC transaction.

It is used to authenticate the heartbeat/AYIYA packets and typically is not seen or used directly by users.

Username / Password notes

Following are some additional notes concerning usernames and passwords:

  • Usernames are also called NIC-handles, as they match the handle in the WHOIS database.
  • Usernames and passwords have of course to be provided without the quotes (").
  • Usernames are case insensitive.
  • One can use an email address instead of the username for logging in.
  • We typically show handles in uppercase, but emails in lowercase.
  • One can use both the handle (EXA1-SIXXS) and the email address for that account as a username.
  • Passwords are restricted to the following set of characters: a-zA-Z0-9!@#$%^&*()-_+=.,;:{}[]~/\?.
  • The MD5 hash of the password is stored in our database (we do not have/keep the plaintext), while MD5 is considered a weak hash, upgrading it to eg SHA256 would not cause any benefit to the user (a weak password is a weak password), next to that it would also require us to update TIC to match this and thus make AICCU incompatible on all devices that it is deployed on hence we are chosing not to bother with that for now.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker