Use different passwords for maintenance staff (view only) and engineers (edit rights).
Full rights to modify logic, manage users, change passwords, and download hardware configurations. pnozmulti configurator default password
3 (Partial access: allows changes to specific blocks during commissioning). Common Software Defaults: Use different passwords for maintenance staff (view only)
Which are you running? (e.g., Version 10.x , Version 11.x ) Common Software Defaults: Which are you running
| Recommendation | Rationale | |---|---| | — Use the default "admin / pilz" credentials exactly once, then set a strong, unique password. | Default credentials are publicly documented and represent a security risk if left unchanged. | | Use strong passwords — Minimum of 8 characters, mixing upper/lower case, numbers, and special characters. | Weak passwords are easily guessed and susceptible to brute-force attacks. | | Store project passwords securely — Use a password manager with organizational backup, not sticky notes or spreadsheets. | Project passwords cannot be recovered if lost. No backdoor exists. | | Assign least-privilege access — Grant Level 2 (view-only) to maintenance technicians, Level 3 (limited changes) to commissioning engineers, and Level 1 (full access) only to a few key users. | Limits the potential damage from a compromised account. | | Review logs regularly — Check the product's log for unauthorized program changes on a regular basis. | Early detection of tampering or security incidents. | | Restrict physical access — Install base units inside lockable control cabinets. Use security seals on interfaces. | Prevents direct physical manipulation or unauthorized USB connections. | | Keep software updated — Always run the latest version of PNOZmulti Configurator (V11.5.0 or newer). | Ensures known vulnerabilities, including CVE-2018-19009, are patched. | | Use the security device key — For PNOZ m C0 and compatible base units, the security device key provides cryptographic verification of project authenticity. | Prevents loading of unauthorized or tampered project files. | | Protect the configuration computer — Use a firewall, keep virus scanners updated, and avoid logging in with administrator privileges for daily work. | The PC running PNOZmulti Configurator is part of the security boundary. |