Help Center/ Elastic Cloud Server/ FAQs/ ECS Security Check/ Are ECSs with Simple Passwords Easily Attacked?
Updated on 2025-08-06 GMT+08:00

Are ECSs with Simple Passwords Easily Attacked?

It is recommended that your password contain 8 to 26 characters that consists of digits, uppercase and lowercase letters, and special characters. It is a good practice to download virtualization antivirus products and host security hardening products from Huawei Cloud KooGallery and install them on your ECSs to enhance security.

If your ECS has been intruded, contact customer service for technical support.

Table 1 Password complexity requirements

Password complexity requirements

ECS Creation

Password Reset

Length

Must contain 8 to 26 characters.

Must contain 8 to 26 characters.

Characters

Must contain at least three of the supported four character types.

Must contain at least three of the supported four character types.

Security

  • Cannot contain the username or the username spelled backwards.
  • Cannot contain more than two consecutive characters in the same sequence as they appear in the username. (This requirement applies only to Windows ECSs.)
  • Cannot contain the username or the username spelled backwards.
  • Cannot contain more than two consecutive characters in the same sequence as they appear in the username. (This requirement applies only to Windows ECSs.)

Other

None

Cannot start with a slash (/) for Windows ECSs.

Supported Characters

Uppercase letters

Uppercase letters

Lowercase letters

Lowercase letters

Digits

Digits

  • Special characters for Linux ECSs: !@$%^-_=+[{}]:,./?~#*
  • Special characters for Windows ECSs: !@$%^-_=+[{()}]:,./?~#*
  • Online password reset:

    @%-_=+[]:./^,{}? (only applied to Linux)

    $@%-_=+[]:./,? (only applied to Windows)

  • Offline password reset:

    !@%-_=+[]:./? (only applied to Linux)

    !@%-_=+[]:./? (only applied to Windows)