Managing IDs and passwords

Proper maintenance of IDs and passwords is essential for the security of the components and the overall product. Lenovo’s Software Security Review Board stresses in the strongest possible terms that customers should manage all product credentials according to the recommendations stated here.

Initial IDs and passwords

Applicable IDs and passwords will be set or changed during the Lenovo Professional Services deployment engagement. Lenovo Professional Services will provide a list of all credentials used to deploy and manage the ThinkAgile SXM solution in the documentation that is provided to the customer during the solution handover. Lenovo Professional Services will provide a list of all credentials used to deploy and manage the ThinkAgile SXM solution in the documentation that is provided to the customer during the solution handover.

Changing passwords

For password change procedures, refer to the relevant component documentation. See ThinkAgile SXM documentation and related content. In particular, the following Microsoft web page provides an overview and gives detailed instructions for rotating secrets in the Azure Stack Hub environment:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-rotate-secrets?view=azs-2008

Important: Changing some IDs or passwords without proper planning (for example, the IMM/XCC credentials on any of the scale unit nodes) can affect the overall configuration of the solution and could result in the inability to manage the nodes via XClarity Administrator.

Password criteria

The following password criteria are strongly recommended by Lenovo’s Software Security Review Board: It is also recommended that a random password generator be used. One example is the Norton Identity Safe Password Generator.