Password-Based Remote Management Authentication; Password Strength; Section 4.1, "Authentication; Section 4.2, "Password Strength - Novell ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - REMOTE MANAGEMENT REFERENCE 10.3 Management Manual

This mode of authentication is not supported when launching remote management operation in the
standalone mode or from the command line.

4.1.2 Password-Based Remote Management Authentication

In password-based authentication, the remote operator is prompted to enter a password to launch the
remote session on the managed device.
The two types of password authentication schemes used are:
ZENworks Password: This scheme is based on the Secure Remote Password (SRP) protocol
(version 6a). The maximum length of a ZENworks password is 255 characters.
VNC Password: This is the traditional VNC password authentication scheme. The maximum
length of a VNC password is 8 characters. This password scheme is inherently weak and is
provided only for interoperability with the open source components.
If you use password-based authentication, we strongly recommend that you use the ZENworks
Password scheme because it is safer and more secure than the VNC Password scheme.
The password schemes operate in the following modes:
Session Mode: The password set in this mode is valid only for the current session. The user on
the managed device must set a password at the start of the remote session and communicate the
password to the remote operator through out-of-band means such as telephone. When
initializing a remote session with the managed device, the remote operator must enter the
correct password in the session password dialog box that displays. If the remote operator fails
to enter the correct password within two minutes after the dialog box is displayed, then the
session closes for security reasons. If you use password-based authentication, we strongly
recommend that you use this mode of authentication because the password is valid only for the
current session and is not saved on the managed device.
Persistent Mode: In this mode, the password can be set by the administrator through the
Remote Management policy or by the managed device user through the ZENworks icon if the
Allow user to override default passwords on managed device option is selected in the security
settings of the Remote Management policy.
If the password is set both by the managed device user and in the policy, the password set by
the user takes precedence over the password configured in the policy.
The administrator can prevent the managed device user from setting the password and can even
reset the password set by the user to ensure that the password configured in the policy is always
enforced during authentication. For more information on resetting the password set by the
managed device user, see
ZENworks Control Center," on page

4.2 Password Strength

Use secure passwords. Keep the following guidelines in mind:
Length: The minimum recommended length is 6 characters. A secure password is at least 8
characters; longer passwords are better. The maximum length is 255 characters for a ZENworks
password and 8 characters for a VNC password.
64 ZENworks 10 Configuration Management Remote Management Reference
Section 2.5.3, "Clearing the Remote Management Password Using
32.