Rotating your Synergis™ unit passwords periodically (Advanced) - Security Center 5.11

Security Center Hardening Guide 5.11

Applies to
Security Center 5.11
Last updated
2022-10-12
Content type
Guides > Administrator guides
Language
English (United States)
Product
Security Center
Version
5.11

For maximum security, we recommend changing your Synergis™ unit administrator passwords on a regular basis.

What you should know

Changing passwords periodically helps to protect vulnerable access control units from unauthorized access due to leaked passwords, brute force attacks, and so on.
Best Practice: Security Center can automatically update the password on Synergis™ units running Synergis™ Softwire 11.0 or later, using the strongest possible password. When using Security Center to manage passwords, we recommend rotating the Synergis™ unit passwords every six months using scheduled tasks.

If you manage passwords manually, or use an external tool that does not ensure maximum password complexity, we recommend changing passwords every 3 months or earlier.

Procedure

  1. From the Config Tool home page, open System > Scheduled tasks.
  2. Click Scheduled task ().
    A new scheduled task is added to the entity list.
  3. Enter a name for the new scheduled task.
  4. Click the Properties tab for the scheduled task, and switch Status to Active.
  5. For Recurrence, select Yearly and specify a day and time to run the task.
    For example, on January 1st at midnight.
  6. For Action, select Update unit password.
  7. For Entities, select one or more supported Synergis™ units.
  8. Click Apply.
  9. Create a second scheduled task following the same procedure.
    This time, schedule the task to run six months after the previous scheduled task, for example, on July 1st, and apply it to the same Synergis™ units.

Results

If supported, the selected access control units are automatically updated with randomly generated passwords every year.
NOTE: This task is skipped if it cannot be executed at the scheduled time because the main server is offline, an entity is unavailable, and so on.