Guardnvr installation manual, Version 4.4 series – Quadrox QGuard Installation Manual User Manual
Page 59
GuardNVR Installation Manual
59
Version 4.4 Series
Restrict the number of Administrators to a minimum. Since users have fewer rights, a
user password leaking has fewer severe consequences. It is even advisable to have an
extra user account for each administrator, which should be used for regular viewing.
Choose strong passwords. A strong password is a password that is hard to guess by
attackers (people and software). This helps to secure the product against brute force
attacks (trying all passwords). Use the following guidelines:
o
The password should be at least 8 characters long. Longer is better.
o
Use both CAPTIAL and small letters (at least one of each).
o
Use both letters and figures or other characters (at least one of each).
o
There should be no connection whatsoever between the username and the
password. This includes copying parts of the username or having a
semantically relevant meaning (e.g. the password is the name of the user’s
wife). Preferably, the password should have no “human” meaning at all.
One of the prime ways for hackers to retrieve passwords is simply asking for it. A hacker
would pretend to be e.g. a support technician and ask you for the password. In order to prevent
this kind of attack, we outline here the procedure for Quadrox support people regarding
passwords of customers.
First of all, by default Quadrox does not know any passwords of machines in the field. Since
we use the operating system for authentication, there is no way in which we can retrieve a
password, for any reason. The only way for us to know a password is if the customer
voluntarily tells us.
If it is necessary for Quadrox support to have the password in order to give assistance, the
support technician will ask the customer to call the general Quadrox support number or use the
official
(.be) address. This way, the customer is sure that he tells the
password to the correct person.
When you have the slightest doubt about the authenticity of the support person, the requested
way of communicating the password or the telephone number given to call, please don’t
hesitate to call Quadrox support on the following number: +32 (0)16 58 25 85. For USA
customers, please call 1-888-QUADROX.
The Quadrox support personnel will not save or keep passwords in any way. For optimal
security you should change the password after a support call, or in general after revealing the
password to anyone who normally doesn’t have access.
Default passwords should be changed as soon as possible, preferably even before GuardNVR
is put on the network. Otherwise attackers can gain access to the system using easily
retrievable passwords. It’s like locking the door, but leaving the key in the lock.