Password-protected access to Kaspersky Embedded Systems Security for Windows functions
You can restrict access to application management and registered services by configuring user permissions. You can also set password protection in the Kaspersky Embedded Systems Security for Windows settings for additional protection of critical operations.
Kaspersky Embedded Systems Security for Windows requests a password when you attempt to access the following application functions:
- connect to the Application Console;
- uninstall Kaspersky Embedded Systems Security for Windows;
- modify Kaspersky Embedded Systems Security for Windows components;
- execute command-line commands.
The Kaspersky Embedded Systems Security for Windows interface disguises the specified password on screen. Kaspersky Embedded Systems Security for Windows stores the password as a checksum calculated when the password is entered.
Kaspersky Embedded Systems Security for Windows doesn't check password strength and doesn't block password entry after a number of failed attempts.
When creating a password, you are recommended to meet the following conditions:
- The password doesn't contain the account name or computer name.
- The password is at least 8 characters long.
- The password contains characters that match at least three of the following categories:
- uppercase latin letters (A-Z);
- lowercase latin letters (a-z);
- numbers (0-9);
- symbols of exclamation point (!), dollar sign ($), pound sign (#) and percent sign (%).
You can export and import a password-protected application configuration. A configuration file created by exporting a protected application configuration contains the password checksum and the value of the modifier used to pad the password string.
Do not change the checksum or modifier in the configuration file. Importing a password-protected configuration that has been changed manually may cause access to the application to be entirely blocked.
To protect access to Kaspersky Embedded Systems Security for Windows functions:
- In the Kaspersky Security Center Administration Console tree, expand the Managed devices node. Select the administration group with the protected devices whose application settings you want to configure.
- Perform one of the following actions in the details pane of the selected administration group:
- To configure policy settings for a group of protected devices, select the Policies tab and open the properties of the <Policy name> by means of the context menu.
- If you want to configure application settings for a single protected device, open the required settings in the Application settings window in the Kaspersky Security Center.
- In the Application settings section of the Security and reliability tab, click the Settings button.
The Security settings window opens.
- In the Password protection settings section, select the Apply password protection check box.
The Password and Confirm password fields become active.
- In the Password field, enter the password you want to use to protect access to Kaspersky Embedded Systems Security for Windows functions.
- In the Confirm password field, enter the password again.
- Click the OK button.
The specified settings are saved. Kaspersky Embedded Systems Security for Windows will request the specified password to access protected functions.
This password cannot be recovered. Losing your password will result in the complete loss of control of the application. Additionally, it will be impossible to uninstall the application from the protected device.
You can reset the password at any time. To do that, clear the Apply password protection check box and save changes. Password protection will be disabled and the old password checksum will be removed. Repeat the password creation process with a new password.
