Authentication and the Safety of Your Credentials

Document created by Qualys Documentation Employee on Feb 12, 2013Last modified by Qualys Documentation Employee on Feb 20, 2013
Version 4Show Document
  • View in full screen mode

Authenticating to the target host with login credentials allows our service to perform the most comprehensive scanning by taking a deeper look at your system and its configurations. We recommend using administrator privileges since this will give you the most accurate security assessment and recommended fixes for your systems.


Your credentials are securely handled by the service and are only used for READ access for the duration of the scan. We do not modify your device in any way. The scanning service uses credentials at scan time to log in with elevated privileges and read security information from the target. Using the information collected, the scanner runs the largest number of security tests, checking the most settings and configurations. You’ll see this information gathered as part of your scan reports.


Which user has administrator privileges:


  • For Windows target, use the default administrator account or any user in the “Administrators” group, including Windows domain administrator if applicable.
  • For Unix/Linux, use “root” or any equivalent user.



Are you using QualysGuard?

Please see the online help for further information.