Cybersecurity management
The content in this section is currently under review.
What you'll find here
- Cybersecurity recommendations
- How to set new passwords
- How to configure password strength requirements
- How to recover your passwords
- How to permanently deactivate access to the 𝐿𝑒𝑔𝒶𝒸𝓎 Dashboard and set the latest Dashboard version as the default
- List of open ports
What is cybersecurity?
Cybersecurity refers to the practice of protecting computers, servers, networks, and data from malicious attacks or unauthorized access. It involves implementing measures such as firewalls, antivirus software, encryption, and secure authentication methods to ensure the confidentiality, integrity, and availability of digital information. With the increasing frequency and sophistication of cyber threats, individuals and organizations must stay vigilant and regularly update their security protocols to mitigate risks and prevent potential breaches.
Best practices
These are just a few examples of Cybersecurity best practices and it's important to note that different organizations and individuals may have specific needs and requirements based on their unique circumstances.
- For the Manufacturer
- For the Operator
- Install and regularly update firewalls, and other security software on all your devices
- Regularly backup important data and store it in a secure location offline
- Keep operating systems, software, and firmware up to date with the latest security patches and updates
- Educate yourself and your employees about cybersecurity awareness and the importance of safe online practices
- Implement access controls by giving users only the privileges necessary to perform their job functions
- Have options for password recovery set up
- Use strong and unique passwords for each account, and consider using password manager software
- Regularly backup important data and store it in a secure location offline
- Before passing on the controller, make sure to delete all data from your controller
Managing passwords
Password security is crucial in protecting your online accounts. The password should be changed during commissioning.
Change passwords regularly (every 3 to 6 months) to minimize risks.
- Manufacturer options
- Operator options
Setting the Manufacturer password
Login to the Legacy Dashboard as a Manufacturer. See here for the default credentials if this is your first time logging in
Apply the following configuration:
| Scope | Location in Legacy Dashboard | Field | Value |
|---|---|---|---|
| Manufacturer | Manufacturer > Manufacturer Password | Manufacturer Password (enter the current password to confirm) | existing login password |
| Manufacturer > Manufacturer Password | Manufacturer Password | new password you want to set |
- At the bottom of the window, click , then click to apply the changes
Apply the steps above on both the master and slave Charge Controller separately.
Password safety options for the Operator login
Manufacturers can manage Operators' password safety through the following settings:
| Scope | Location in Legacy Dashboard | Field | Value | Info |
|---|---|---|---|---|
| Manufacturer | Manufacturer > Manufacturer Password | Enforce Password change | on | Force change of Operator password on the next login attempt |
| Manufacturer > Manufacturer Password | Enforce strong login passwords | on | The following requirements must be fulfilled:
|
Password recovery and PUK settings
There are two ways to ensure a password recovery is possible for the Operator:
Set a Reset Password PUK
Using the PUK, Operators can issue a password reset.
- Login to the Legacy Dashboard as a Manufacturer
- Under Manufacturer set a
Reset Password PUK - At the bottom of the window, click , then click to apply the changes
Provide the Operator with a Master RFID card
We are currently preparing this section.
Changing the password
1. Login to the Dashboard as the Operator 2. Under _SYSTEM > Password_, clickPassword recovery and PUK settings
The Operator can only recover their password when the manufacturer has provided one of the options above.
When the password is forgotten, leave both the Username and Password empty and hit enter on your keyboard. You will then find the Forgot Password option.
The Forgot Password option appears next to the Login button.
Dashboard security
On some Charge Controllers, the Legacy Dashboard is activated by default.
As a Manufacturer, before handing Charging Stations over to Operators, we recommend fully disabling the Legacy Dashboard or at least setting the Dashboard as the new default.
Besides generally improve cybersecurity, the non-legacy Dashboard enforces communication over HTTPS for all services.
Dashboard selection options
Apply the following configuration:
| Scope | Location in Legacy Dashboard | Field | Value | Info |
|---|---|---|---|---|
| Operator | Operator > Web Interface | Web Interface | 1.0 (legacy) | Sets the Legacy Dashboard as the default |
2.0 | Sets the Dashboard as the default. The Legacy Dashboard is still available | |||
2.0 only | Sets the Dashboard as the default and disables access to the Legacy Dashboard. Attention: this cannot be undone |
- At the bottom of the window, click , then click to apply the changes
Enabling HTTPS
- Login to the Dashbard as an Operator
- Under SYSTEM > HTTPS set
Enable HTTPStoOn - At the bottom of the window, click , then click to apply the changes
Kann ein Manufacturer als default HTTPS für Operators einrichten?
Because there is no way to validate the IP address of each charge controller, by entering the Dashboard you will get a security warning by your browser. You can ignore the warning and proceed to the dashboard.
Handling the HTTPS certificates
What's the point of certificates in our context? (closed networks)
HTTPS certificates, also known as SSL/TLS certificates, are crucial for securing online communications. They provide a trusted means of verifying a website's identity, encrypting data transmission, and protecting users from potential cyber threats. These certificates are issued by trusted Certificate Authorities (CAs) and play a vital role in building trust between websites and their visitors.
To verify your Controller through HTTPS:
- Login to the Dashboard as an Operator
- Under SYSTEM > Certificate Handling click on
HTTPS Certificates - Click on the Download button on the right side. The controller provides you with an HTTPS key
- Let the HTTPS Certificate be verified by an IT specialist
- Upload the verified Certificate onto your controller.
- At the bottom of the window, click , then click to apply the changes
Default port forwarding
See here for the list of ports that are forwarded by default.
Deleting private data
- Login to the Dashboard as an Operator
- Under SYSTEM > System Maintenance click