Password-protected access to Kaspersky Security for Windows Server functions
You can restrict access to application management and registered services by configuring user permissions. You can also set password protection in the Kaspersky Security for Windows Server settings for additional protection of critical operations.
Kaspersky Security for Windows Server requests a password when you attempt to access the following application functions:
- connect to the Application Console;
- uninstall Kaspersky Security for Windows Server;
- modify Kaspersky Security for Windows Server components;
- execute command-line commands.
The Kaspersky Security for Windows Server interface disguises the specified password on screen. Kaspersky Security for Windows Server stores the password as a checksum calculated when the password is entered.
Kaspersky Security for Windows Server doesn't check password strength and doesn't block password entry after a number of failed attempts.
When creating a password, you are recommended to meet the following conditions:
- The password doesn't contain the account name or computer name.
- The password is at least 8 characters long.
- The password contains characters that match at least three of the following categories:
- uppercase latin letters (A-Z);
- lowercase latin letters (a-z);
- numbers (0-9);
- symbols of exclamation point (!), dollar sign ($), pound sign (#) and percent sign (%).
You can export and import a password-protected application configuration. A configuration file created by exporting a protected application configuration contains the password checksum and the value of the modifier used to pad the password string.
Do not change the checksum or modifier in the configuration file. Importing a password-protected configuration that has been changed manually may cause access to the application to be entirely blocked.
To protect access to Kaspersky Security for Windows Server functions:
- In the tree of Kaspersky Security Center Administration Console, expand the Managed devices node. Select the administration group with the protected devices whose application settings you want to configure.
- Perform one of the following actions in the details pane of the selected administration group:
- To configure policy settings for a group of protected devices, select the Policies tab and open the properties of the <Policy name> by means of the context menu.
- If you want to configure application settings for a single protected device, open the required settings in the Application settings window in the Kaspersky Security Center.
- In the Security and reliability section of the Application settings tab, click the Settings button.
The Security settings window opens.
- In the Self-defense section, select the Apply password protection check box.
The Password and Confirm password fields become active.
- In the Password field, enter the password you want to use to protect access to Kaspersky Security for Windows Server functions.
- In the Confirm password field, enter your password again.
- Click OK.
The specified settings are saved. Kaspersky Security for Windows Server will request the specified password to access protected functions.
This password cannot be recovered. Losing your password will result in the complete loss of control of the application. Additionally, it will be impossible to uninstall the application from the protected device.
You can reset the password at any time. To do that, clear the Apply password protection check box and save changes. Password protection will be disabled and the old password checksum will be removed. Repeat the password creation process with a new password.
