One critical MUST-DO for any OpenMRS Implementation: Ensure no default passwords are in use (such as “Admin123”). This is true for everything from user login credentials in the UI, through to any database, web server, container, and/or servlets you are using in production. Even standard database and server tools often come with default passwords - ensure these are changed to unique, secure passwords. |
This section of the wiki contains recommendations for how to secure an OpenMRS installation beyond what is provided by the application itself.
Sections contained within this Wiki area:
Strongly Recommended ResourcesNOTE: We also recommend that OpenMRS community members, especially implementers, familiarize themselves with the following highly-recommended resources:
|