Using the KLAdmin password in Kaspersky Endpoint Security for Windows
The KLAdmin account is an administrator account with unrestricted access to Kaspersky Endpoint Security for Windows. The KLAdmin account has the right to perform any password-protected action in Kaspersky Endpoint Security for Windows, including removing the application. The permissions for the KLAdmin account cannot be revoked. You can set the password for the KLAdmin account in the properties of the Kaspersky Endpoint Security for Windows policy. The Kaspersky Endpoint Security for Windows administrator is fully responsible for the safe use of the password for the KLAdmin account. If your organization has its own password policy, follow the instructions of that policy. The longer and more complex the password, the more reliable it is.
Our recommendations for protecting the organization from theft of the KLAdmin password are as follows:
Do not use the account name or part of the name as the password.
Create a password that is at least 10 characters in length.
Set a complex password that contains characters from different categories: lowercase and uppercase letters, numbers, and special characters.
Set a minimum password expiration date of 90 days. A new password must not match any of the last 24 passwords.