Why Are the Weak Password Alarms Still Reported After the Weak Password Policy Is Disabled?
If you have enhanced passwords before disabling the weak password policy, the weak password alarm will not be reported again.
If you do not enhance passwords before disabling the weak password policy, the reported alarm will persist and be retained for 30 days.
- To enhance server security, you are advised to enhance the passwords of the accounts used for logging in to servers, such as SSH accounts.
- To protect internal data of your servers, you are advised to enhance the passwords of software accounts, such as MySQL accounts and FTP accounts.
After modifying weak passwords, you are advised to perform manual detection immediately to verify the result. If you do not perform manual verification and do not disable the weak password scan, HSS will automatically check the settings the next day in the early morning.
Weak Passwords and Unsafe Accounts FAQs
- How Do I Handle a Weak Password Alarm?
- How Do I Set a Secure Password?
- Why Are the Weak Password Alarms Still Reported After the Weak Password Policy Is Disabled?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore