Managing SmartServer IoT Passwords
For SmartServer Pi, see Changing the SmartServer Pi User Passwords.
For SmartServer 4.1 and prior, see Managing Passwords (Release 4.1 and Prior).
You can change, manage, and reset the SmartServer system and CMS user passwords. You can use the SmartServer system password to log into the SmartServer Configuration page as well as the system console. You can use the CMS user password to log into the SmartServer CMS.
Starting with SmartServer 3.2, if you change the system password on a SmartServer with a CMS user password that matches the system password, then the SmartServer software will change the CMS user password at the same time. If you change the system password on a SmartServer with a CMS user password that does not match the system password, then the SmartServer software will not change the CMS user password. If you change the CMS user password from the CMS, then the SmartServer software does not change the system password. If you re-image your SmartServer, then the SmartServer's password is reset to its default (printed on the back of your SmartServer).
To change the SmartServer system password, see Changing the System Password. This procedure will also change the CMS user password if the two passwords are the same prior to the change.
See also Defining Users for additional user tasks.
This section consists of the following:
Changing Passwords for Enhanced Security
With SmartServer 3.6 and higher, if you log into the SmartServer Configuration pages and Enhanced Security is enabled, and your password does not meet the strength requirements, then the Change Password dialog will appear requiring you to change your password.
Enter the new password, confirm the new password, and click Update to save your changes. See the Conforming to Password Requirements section for more information about password requirements.
Since the Enhanced Security feature is enabled by default, and the default factory password does not meet the enhanced security password requirements, you will always be required to change your password the first time you log into the SmartServer Configuration pages with SmartServer 3.6.
If the Enhanced Security feature is disabled, then strong passwords are not enforced and changing the password will not be required. For example, if you upgrade to SmartServer 3.6 from previous release that has the Enhanced Security disabled, and you have a simple password, then the first time you log into the SmartServer Configuration pages, you will not be forced to change your password.
Enhanced Security has no effect when using SAML or OAuth 2.0 Authentication Methods. Enhanced Security passwords are used when the Authentication Method is set to Basic.
Conforming to Password Requirements
The password must be at least 14 characters long and must include each of the following:
- An uppercase letter ( A-Z ).
- A lowercase letter ( a-z ).
- A number ( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 ).
- A special character.
- With SmartServer 4.4 Update 3 and higher, there are no constraints with regards to special characters that are used.
- With SmartServer 4.4 Update 2 and prior, the following special characters are supported: ! # $ % & ( ) * + , - . / : ; < = > ? @ [ ] ^ _ ` { | } ~ . Single quote ( ' ), double quote ( “ ), spaces, and tabs are not allowed.
The password must conform to the following restrictions:
- Systematic characters (e.g., 1234 and other commonly guessed character patterns) are not allowed.
- The New Password and Confirm New Password entries must match.
- The New Password cannot match any one of the last five passwords.
To reveal the disguised password characters, click the Show Password button ().
Changing the System Password
You can change the SmartServer system password for the SmartServer system username, which is apollo. The initial password for the apollo user is printed on the label on the bottom of your SmartServer.
The username and password credentials on the System Configuration page are used to access the following SmartServer interfaces:
- Configuration web pages
- Local CMS web pages (if enabled)
- IAP/MQ interface
- MQTT interface
With SmartServer 4.0 and higher, the SmartServer system password (apollo) cannot be changed using the SmartServer CMS.
With SmartServer 4.0 and higher for Remote CMS, the password that is used to access the Remote CMS MQTT broker is automatically propagated to all SmartServers that are connected to the Remote CMS. Manual intervention is no longer required to synchronize the passwords that are used by the SmartServers to access the Remote CMS MQTT.
With SmartServer 3.6 and prior, if you change the system password on a SmartServer with a CMS user password that matches the system password, then the SmartServer software will change the CMS user password at the same time. If you change the system password on a SmartServer with a CMS user password that does not match the system password, then the SmartServer software will not change the CMS user password.
To change the SmartServer system password, follow these steps:
- Open the SmartServer Configuration page as described in Accessing the SmartServer IoT Configuration Page. The Network tab appears as the default SmartServer Configuration page. Once the network settings are configured for the SmartServer system, then the System tab will appear as the default as shown in the next step.
- Click the System tab.
- Click Change Password.
The Change Password dialog appears. Enter the following information:
- Current Password
- New Password
Confirm New Password
See the Conforming to Password Requirements section for more information about password requirements.
- Click Update.
Resetting User Passwords
You can reset the password for another CMS user if your user account is specified as an Owner user type. Resetting passwords requires that an SMTP server has been configured for the SmartServer and that a valid email address for the user has been provided, as described in Managing Customer and User Accounts.
To reset a password for another CMS user, follow these steps:
- Open the CMS Users widget.
- Click the Action button () for the desired user and select the Reset Password action.
- Confirm the reset operation by clicking OK on the Confirmation dialog box.
If an SMTP server has been configured in the CMS for the SmartServer to use, then a message appears indicating that a password was sent to the user’s email address. For example:
Otherwise, an error message similar to the following will appear.
Restoring the Factory System Password with the Connect Button
Starting with SmartServer 2.6, you can enable/disable system password recovery using the SmartServer Connect button (see Using the LEDs and Buttons section for more information). When enabled, you can restore the factory system password by holding down the Connect button for 20 seconds. Doing so resets the password to the factory default as specified on the label on the bottom of your SmartServer. The SmartServer indicates it is resetting the password by changing the Ready LED to flashing red. When the password reset is completed, the Ready LED will change to blue and the SmartServer IoT will initiate an immediate reboot.
Password recovery is enabled by default. If you want to disable this feature, perform the following steps:
- Open the SmartServer Configuration page as described in Accessing the SmartServer IoT Configuration Page. The Network tab appears as the default SmartServer Configuration page. Once the network settings are configured for the SmartServer system, then the System tab will appear as the default as shown in the next step.
- Click the System tab.
- Clear the option for Password reset via the SmartServer Connect button.