Only users who are successfully authenticated can log in to the application system. The account and password complexity, and password validity period must be configured based on security requirements.
The password maintenance suggestions are as follows:
- Change the initial passwords at the first login, including the passwords of the operating system, database, and service system accounts. A new password must:
- Contain eight characters at least.NOTE:
The password of a C/S client operator must contain six characters at least.
- Contain lowercase letters and digits.NOTE:
- To enhance password security, you are advised to use uppercase letters and special characters including the following: -`=\\\\[\\];',./~!@#$%^&*()_+|{}:\"<>?[]*$
- The password of a database user account must contain three types of characters at least.
- Be different from the account or the account spelled backwards.
- Have at least two characters different from the old password in the same sequence.
- Be different from the last five passwords.
- Contain eight characters at least.
- Change the passwords regularly (for example, one every three months), including the passwords of the operating system, database, and service system accounts. The new password must meet the preceding password complexity requirements.
- Designate a person to maintain the root user's password.
- Encrypt passwords before transmission and do not transmit passwords through emails.
- Encrypt passwords for storage.
- Ask the system maintenance personnel to change passwords after the system is handed over from one person to another.
- When you leave the PC where the client is installed, exit the client or enable the screen lock function to prevent unauthorized operations.
