This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
Unrestricted user access to the application and its settings can reduce the security level of the device. Password protection is a means to limit user access to the application.
In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
Select the policy you want to configure.
In the <Policy name> window that opens, select the Application settings tab.
In the Application settings section select the Security settings subsection.
In the Password protection group of settings, select the Apply password protection check box.
Enter a password and confirm it.
It is recommended to select a password that meets the following requirements:
The password must be at least 8 characters long.
The password must not contain the user's account name.
The password must not match the name of the device on which Kaspersky Endpoint Agent is installed.
The password must contain characters from at least three of the following groups:
uppercase characters (A-Z);
lowercase characters (a-z);
numbers (0-9);
special characters (!$#%).
If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.
Click OK.
Click the Save button.
Password protection is now enabled. If a user attempts to perform a password protected action, the application will prompt the user to enter the password.
The application does not check the strength of the specified password. We recommend that you use third-party tools to verify the strength of the password. The password is considered strong enough if verification results confirm that the password cannot be guessed for at least 6 months.
The application does not prohibit login attempts after many attempts of entering an incorrect password.