When handling and maintaining passwords for Symantec Web Gateway (SWG), Symantec suggests the following best practices:
- During the initial install wizard, create a secure username for the system account within the user interface of the SWG appliance.
- As a post-install task, change the password for the admin account within the command line interface (CLI).
- As a post-install task for the SWG8490 model, when using the iDRAC, create a secure username and password for the iDRAC interface.
- Take care not to lose the password for the admin account within the CLI of Symantec Web Gateway. The method for securing the password for this account is re-installing the SWG operating system from DVD or OVF.
- Create and use secure passwords.
- If business continuity requirements in your organization include storing a password for SWG in a file, encrypt the file and restrict file access to authorized personnel.
- After you reset an administrator's password, use a secure method (such as a phone call) to notify the administrator of the new password. Email messages are not typically secure methods.

To create secure usernames, consider the following suggestions:
- Create usernames with eight (8) or more characters.
- Avoid using usernames which are the same as built-in administration accounts for other common operating systems or devices, which are typical targets of brute force password attacks. Examples to avoid include:
  - root
  - Administrator
  - admin
  - sa

To create secure passwords, consider the following suggestions:
- Do not create a password that uses any of the following formats:
  - A word that is found in a dictionary (in any language or jargon)
  - A name (such as the name of a spouse, parent, child, pet, fantasy character, famous person, or location)
  - Any variation of your personal name or account name
  - Accessible information about you (such as your phone number, license plate, or social security number) or your environment
  - A birthday or a simple pattern (such as backwards, followed by a digit, or preceded by a digit)
- Create a password that is based on the following recommendations:
  - Use a mixture of upper and lower case letters, as well as digits or punctuation
  - Make sure the password is unrelated to any previous password
  - Use long passwords (eight characters or longer)
  - Consider using a pair of words with punctuation inserted
  - Consider using a pass phrase (an understandable sequence of words)
  - Consider using the first letter of each word in a pass phrase
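
The username and password suggestions above can be applied as a pre-check before an account is created. The following Python sketch is an added example, not Symantec code and not part of SWG. The function names, the small sample word list, and the rule that "related to a previous password" means identical after stripping leading or trailing digits are assumptions made for illustration.

```python
import re

# Built-in account names the guidance lists as names to avoid.
BUILTIN_NAMES = {"root", "administrator", "admin", "sa"}
# Constructed stand-in for a real dictionary and name list (assumption).
SAMPLE_WORDS = {"password", "gateway", "symantec", "welcome", "dragon"}

def check_username(name):
    """Return the username suggestions that `name` violates."""
    problems = []
    if len(name) < 8:
        problems.append("shorter than 8 characters")
    if name.lower() in BUILTIN_NAMES:
        problems.append("matches a built-in administration account")
    return problems

def _core(text):
    """Lower-case and strip leading/trailing digits ('1word', 'word1')."""
    return re.sub(r"^\d+|\d+$", "", text.lower())

def check_password(password, username, previous=(), words=SAMPLE_WORDS):
    """Return the password suggestions that `password` violates."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    has_mix = (any(c.islower() for c in password)
               and any(c.isupper() for c in password)
               and any(c.isdigit() or not c.isalnum() for c in password))
    if not has_mix:
        problems.append("needs upper case, lower case, and a digit or punctuation")
    core = _core(password)
    known = {w.lower() for w in words}
    # Catches a listed word as-is, reversed, or with digits added at either end.
    if core in known or core[::-1] in known:
        problems.append("dictionary word or name in a simple pattern")
    user = username.lower()
    if user and (user in core or user[::-1] in core):
        problems.append("variation of the account name")
    # Changing only a leading or trailing number does not make a new password.
    if any(_core(old) == core for old in previous):
        problems.append("related to a previous password")
    return problems

if __name__ == "__main__":
    for candidate in ("Password1", "drowssaP9", "Quiet;Harbor;42"):
        print(candidate, check_password(candidate, "swg-ops-lead"))
```

A production check would replace `SAMPLE_WORDS` with full dictionary and name lists and would compare against previous passwords only at change time, when the old password is supplied by the user rather than stored.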