System > Administration
74
SonicOS Enhanced 4.0 Administrator Guide
Changing the Administrator Password
To set a new password for SonicWALL Management Interface access, type the old password
in the Old Password field, and the new password in the New Password field. Type the new
password again in the Confirm New Password field and click Apply. Once the SonicWALL
security appliance has been updated, a message confirming the update is displayed at the
bottom of the browser window.
Tip It’s recommended you change the default password “password” to your own custom
password.
Login Security Settings
The internal SonicWALL web-server now only supports SSL version 3.0 and TLS with strong
ciphers (128 bits or greater) when negotiating HTTPS management sessions. SSL
implementations prior to version 3.0 and weak ciphers (symmetric ciphers less than 128 bits)
are not supported. This heightened level of HTTPS security protects against potential SSLv2
roll-back vulnerabilities and ensures compliance with the Payment Card Industry (PCI) and
other security and risk-management standards.
Tip By default, Mozilla Firefox 2.0 and Microsoft Internet Explorer 7.0 enable SSL 3.0 and TLS,
and disable SSL 2.0. SonicWALL recommends using these most recent web browser
releases. If you are using a previous release of these browsers, you should enable SSL 3.0
and TLS and disable SSL 2.0. In Internet Explorer, go to Tools > Internet Options, click on
the Advanced tab, and scroll to the bottom of the Settings menu. In Firefox, go to Tools >
Options, click on the Advanced tab, and then click on the Encryption tab.
SonicOS Enhanced 4.0 introduces password constraint enforcement, which can be configured
to ensure that administrators and users are using secure passwords. This password constraint
enforcement can satisfy the confidentiality requirements as defined by current information
security management systems or compliance requirements, such as Common Criteria and the
Payment Card Industry (PCI) standard.