Rotating your camera passwords periodically (Advanced) - Security Center 5.11

Security Center Hardening Guide 5.11

Product
Security Center
Content type
Guides > Administrator guides
Version
5.11
Language
English
Last updated
2023-03-13

For maximum security, we recommend changing your camera administrator passwords on a regular basis.

What you should know

Changing passwords periodically helps to protect vulnerable cameras from unauthorized access due to leaked passwords, brute force attacks, and so on.
Best Practice: Security Center can automatically update passwords for supported cameras using the highest possible password complexity for each manufacturer. When using Security Center to manage passwords, we recommend rotating camera passwords every six months using scheduled tasks.
NOTE: Only certain models of video units support the password update feature from Config Tool. You might have to upgrade the unit firmware for this feature to work. For the list of manufacturers that support this feature, see R_SC_ManufacturersSupportingPasswordUpdate.html.

If you manage passwords manually, or use an external tool that does not ensure maximum password complexity, we recommend changing passwords every 3 months or earlier.

Procedure

  1. From the Config Tool home page, open System > Scheduled tasks.
  2. Click Scheduled task ().
    A new scheduled task is added to the entity list.
  3. Enter a name for the new scheduled task.
  4. Click the Properties tab for the scheduled task, and switch Status to Active.
  5. For Recurrence, select Yearly and specify a day and time to run the task.
    For example, on January 1st at midnight.
  6. For Action, select Update unit password.
  7. For Entities, select one or more supported video units.
  8. Click Apply.
  9. Create a second scheduled task following the same procedure.
    This time, schedule the task to run six months after the previous scheduled task, for example, on July 1st, and apply it to the same video units.

Results

If supported, the selected video units are automatically updated with randomly generated passwords every year.
NOTE: These tasks are skipped if they cannot be executed at the scheduled time because the main server is offline, an entity is unavailable, and so on.