Skip to main content

Editing users

Admins and users

In connection with locking, you will see two kinds of authorities:

  • Admins: They have full access to changing the configuration and can unlock all locking ranges.
  • Users: They can be given permission to unlock one or more locking ranges.

The Admin1 authority cannot be disabled, while the rest of the Admins can be enabled or disabled as you like. Since SEDManager does not use any of the other Admin authorities, it's recommended that you keep them disabled. Users can also be enabled or disabled as you like. Don't enable Users unless you're actually using them.

User parameters

You can configure the following parameters for each Admin or User:

  • Enabled: When set to false, the user cannot be authenticated, even if the correct password is provided.
  • Name: You can set an informational name (e.g. John Doe), a unique username (e.g. john_doe), or leave it blank. In the PBA environment, you can log in using either the name given here (john_doe) or the canonical name (User1).
  • Password: Changes the password that the user authenticates with.
Changing Admin1's password

This page allows you to change the password of Admin1. Be aware that the Admin1 listed here is the same Admin1 you used to enter this configuration page, so you can easily lock yourself out if you carelessly change the password.

Changing User passwords

Currently, this is the only page where you can change passwords. Support is planned for users to change their own password, but, for now, you have to open this page and ask them to enter their new password while looking away.

How should I configure users?

  • You're the only one using the drive: Enable User1, set a username (e.g. john_doe), and set a password. Reusing the owner's password has a very small effect on overall security, so it's fine to do so.
  • You're sharing the drive with others: Enable one User for each person using the drive, set their usernames (e.g. alice_92, bob_76), and set a default password for them. Each user's password should be unique and different from both the Admin1 and the owner's password. If the owner also has a User, you can reuse the owner's password for that User.

Name and password limitations

Maximum 32 characters

Names and passwords must be no more than 32 characters, a limitation imposed by the TCG specifications. Entering a longer password will result in an error message. Non-English characters may account for up to 4 characters.

Alphabets

It's up to the device to support non-Latin characters. In case the value you entered is not supported, you will receive an error message. While SEDManager fully supports non-Latin characters, the PBA environment uses the US-English keyboard layout, so you may have trouble entering such passwords and usernames in the PBA.

Characters are encoded as UTF-8

SEDManager uses UTF-8 to encode both names and passwords. This may be important information if you intend to use other tools alongside SEDManager, and your usernames and passwords contain non-ASCII characters.