Update: The recently released U.S. National Institute of Standards and Technology (NIST) Digital Identity Guidelines recommend longer passwords. It’s important for security professionals to keep abreast of modified recommendations due to advancements in computer power and technologies through their Guardian Support Service.
Generally, we (carbon-based lifeforms) are terrible when it comes to selecting a secure password for our computers or software programs. This comes from not being prepared for the inevitable password question when installing new software or setting up new hardware.
We panic and select something that often is way too common or easy to remember but that also means that it will be too easy for a hacker to guess or to “crack”. We just say “I’ll come back and change that later so I’ll just use one that is easy to remember for now” but we seldom remember to do so. Nobody said that effective credentials management was convenient but it beats the inconvenience of being hacked!
Consider doing the following:
Consider avoiding the following:
Using a Password Manager
For users with large amounts of passwords to manage, there are commercial solutions available that will store and manage your password library. Depending on the selected vendor, these managers store your passwords for you and automatically fill out your log-in forms. Preferably, choose offline versions of such password management programs, but if it is important to use the convenience of online synchronization features, just make sure you change passwords frequently and have a plan in case the program vendor’s database is somehow compromised by hackers.
Remove Default Passwords
For users who utilize software that is delivered or installed with “default” passwords, disable, delete or change the default passwords to something other than what was delivered with the system as soon as possible.
Industrial Control Systems also rely on user credentials and similar recommendations apply to those passwords. For DeltaV systems, the DeltaV Security Manual
provides guidance around passwords complexity, default passwords, expiration period and prompt, as well as password reuse.
Contact your local Emerson Sales or Service Representative and request the latest DeltaV Security Manual, an important cybersecurity manual for the full “best practice” recommendations for security for DeltaV process control systems. It is also available under the Resources page within Guardian Support web portal.
From Jim: You can also connect and interact with other cybersecurity experts in the Operate & Maintain, DeltaV and Ovation groups in the Emerson Exchange 365 community.
The post DeltaV Secure Passwords: The Do’s and Don’ts appeared first on the Emerson Automation Experts blog.
This is the official online community site of the Emerson Global Users Exchange, a forum for the free exchange of non-proprietary information among the global user community of all Emerson Automation Solution's products and services. Our goal is to improve the efficiency and use of automation systems and solutions employed at members’ facilities by sharing our knowledge, experiences, and application information.
User Groups |
World Areas |
Community Guidelines |
Legal Information |
Contact Community Manager
Website translation provided by
© 2015-2020 Emerson Global Users Exchange. All rights reserved.