Creating an Initial Administrative User
The first step is to create a new user under the security admin role, with a real administrator's name. The initial password will be temporary. This user will be forced to change it upon first login and use the new password rules (see Password Policy). He/she will have the ability to (a) delete the default accounts, and (b) create additional new accounts.
Important
Before creating an account, be sure to have an acceptable (secure) password (see Choosing a Strong Password).
To create the first administrator account via the Web Interface, do the following:
- On the Administration page, click Accounts from the sidebar menu.
The Accounts List View opens, displaying the list of defined user accounts for the device (as shown in the following Makito X4 Encoder example): - Click the Add button.
The Add Account dialog opens. - Enter the user Name you wish to use for the account (maximum 20 characters with no spaces).
- Select Administrator from the Role menu.
- Enter a temporary Password for this account, and then retype it in the Confirmation Password field.
- Click Add Account.
Note
Feedback on password quality (relative to the Password Policy) may be provided, followed by a prompt to retype the password.
An administrator can repeat the same "weak" password at this point, and it will be accepted.
If he/she enters nothing (or a different password), then a password mismatch warning is displayed.
He/she then has two more chances to enter another (better) password.
Note that normal users changing their own password cannot enter a weak password. - To verify that the new account has been successfully created, and to continue with hardening operations, you must sign out and sign back in using the new account user name and password. You will be prompted to change the temporary password (according to the Password Policy set earlier).