Best Practices for Passwords
To maintain the highest level of security on GigaVUE HC Series and TA Series nodes, customers are strongly recommended to configure passwords for all user accounts and to change default passwords. Specifically, any user accounts that have no passwords, and the default password for the admin account.
Starting in software version 5.9.00, you must configure password for the monitor account, without which you cannot login to the device.
Note: The monitor account is designed to give a read-only access to the GigaVUE‑OS. The monitor account is disabled by default. To enable it, assign a password to the account. GigaVUE‑FM users can use the monitor account as long as it is enabled (has a password).
To change the password on the default monitor account, do the following:
1. | Log in to GigaVUE-FM as the monitor user. |
2. | Click on the monitor menu in the UI header and select Change Password. |
3. | On the Change Password for “monitor” page, enter a new password in the New Password field and confirm the password in the Confirm New Password field. |
When entering the new password, the system displays “Invalid Password” underneath the New Password field until the password meets the password criteria described in the Password Policies section in the GigaVUE-OS CLI Reference Guide.
4. | Click Save. |
The system logs you out of the system to reset the password. To log in again as the monitor user, use the password created in Step 3.
User accounts with no password configured should be updated to include a password. Alternatively, a user account without a password configured can be disabled by doing the following:
1. | Log in as the admin user. |
2. | Select Roles and Users > Users. |
3. | On the User Setup page, select the user whose account you want to disable and then click Edit. |
4. | On the Edit User page, make sure the Enable checkbox is not selected. |
5. | Click Save. |
The system displays a message if the account was updated successfully and the Enabled field shows false, indicating the user account is no longer enabled.
User accounts that do not have passwords set can also be disabled. Refer to Configure Secure Passwords Mode for details.
To avoid any disruption of existing functionality, when the passwords for the affected user accounts have been configured, make sure to update any applications or scripts that may be affected.