Operator access
• Authenticate users only over encrypted channels such as HTTPS. Authenticating over non-secure channels such as Telnet or HTTP exposes the password to any eavesdropper. For certificate-based server/FortiRecorder authentication, see
“Replacing the default certificate for the web UI”.
• Immediately revoke certificates that have been compromised. If possible, automate the distribution of certificate revocation lists (see
“Revoking certificates”).