HP Commercial LaserJet Printers and MFPs - Imaging and Printing Security Best Practices
Chapter 3 HP LaserJet and Color LaserJet MFP Security Checklist 10
log of the passwords in a safe place. Web Jetadmin will prompt for passwords during the
configuration process if they are missing from the cache.
CAUTION:
Losing passwords can block access to an MFP. Be careful to record them
in a safe place. It is most important to remember the Bootloader
password. With it, it is possible to restore the MFPs to factory default
settings. Without it, the only way to restore the MFPs is to involve an HP-
authorized service technician to reset the entire MFP. You may wish to
use a password vault program to organize and store all of the
passwords.
Here is a list of the passwords you should configure:
Web Jetadmin password (required during installation of Web Jetadmin)
SNMPv3 credentials
Bootloader Password
EWS Password
Device Password
File system password
Fax PIN
Device PIN (for MFP functions)
User PIN (for individual user accounts)
PJL password
Use good practices for setting and updating passwords (some of the password settings have
limitations on what and how many characters may be used):
Use alpha and numeric characters whenever possible.
For numeric only passwords use passwords with at least nine digits.
Use a different password for each password setting. Many of the latest password cracking
tools can follow patterns to make guessing easier.
Avoid using a pattern for passwords.
Change the passwords often with the exception of your HP Secure Hard Disk password.
Changing your HP Secure Hard Disk password (Drive Lock Key) causes a loss of all data
on your disk and system security settings
Use the maximum number of possible characters. Many of the password settings will
accept as few as one character, but one character is easy to guess. Current data shows
that nine characters or more are extremely difficult or almost impossible to guess using the
latest password cracking tools.
Use complicated passwords. Use a variety of character types. Some of the passwords
allow only numeric digits, but others can accept 96 or more different characters (upper
case, lower case, numeric, special characters, and punctuation marks).