/
Securing an OpenMRS Implementation

Securing an OpenMRS Implementation

Owned by Isaac Sears
Last updated: Sep 21, 2024 by Grace Potma
1 min read

One critical MUST-DO for any OpenMRS Implementation: Ensure no default passwords are in use (such as “Admin123”).

This is true for everything from user login credentials in the UI, through to any database, web server, container, and/or servlets you are using in production. Even standard database and server tools often come with default passwords - ensure these are changed to unique, secure passwords.

 

This section of the wiki contains recommendations for how to secure an OpenMRS installation beyond what is provided by the application itself.

Sections contained within this Wiki area:

 

Strongly Recommended Resources

NOTE: We also recommend that OpenMRS community members, especially implementers, familiarize themselves with the following highly-recommended resources: 

 

Related content

Comprehensive Security Implementation Guide
Comprehensive Security Implementation Guide
Documentation
More like this
Minimum Baseline Security Standard for OpenMRS (MBSS)
Minimum Baseline Security Standard for OpenMRS (MBSS)
Documentation
More like this
OpenMRS Security 101: Policies & Vulnerability Management
OpenMRS Security 101: Policies & Vulnerability Management
Documentation
Read with this
Security
Security
Archives
More like this
Security
Security
Documentation
Read with this
OpenMRS Module Release Best Practices
OpenMRS Module Release Best Practices
Documentation
More like this