Best Practices for Securing Windchill RV&S
Ensure that you make a note of the following best practices for securing Windchill RV&S:
• Do not paste vulnerable script in the browser console
Pasting vulnerable scripts in the browser console may lead to self-XSS attacks
Self-XSS is a social engineering attack used to gain control of web accounts of users. In a self-XSS attack, users may unknowingly run malicious code in their own web browser. Running such code may expose personal information to the attacker, a kind of vulnerability known as cross-site scripting
To prevent such attacks, ensure that you do not paste any vulnerable script in the browser console, which allows attackers to read data that you have access to
• Use strong passwords for Windchill RV&S
Strong passwords have the following characteristics:
◦ Have a minimum password length
◦ Contain uppercase, lowercase, numeric, and special characters
◦ Do not contain the user name or the organization name
◦ Have an expiration policy with a notification to users at a set interval.