The Admin section of the PII Scanner Server provides user account management for the administrative web interface. This is where administrators create and manage user accounts, reset passwords, and ensure that access to the PII Scanner Server is appropriately controlled.
Accessing the Admin section:
- Log in to the PII Scanner Server web interface at https://<server-name>:52766
- Navigate to Admin in the main navigation
- Select Users
User list overview:
The user list displays the following for each account:
| Column | Description |
| Username | The unique username for the account |
| Email Address | The user’s email address |
| Account Status | Active or Locked |
Adding a new user:
- Click Add User
- Fill in the user details:
- Username โ unique username (required)
- Email โ the user’s email address
- Password โ must meet complexity requirements
- Confirm Password โ re-enter the password
- Click Create User
When a new user is created, Force Password Change is automatically enabled โ the user will be prompted to change their password on first login.
Password requirements:
| Requirement | Detail |
| Minimum length | 10 characters |
| Uppercase letters | At least one (A-Z) |
| Lowercase letters | At least one (a-z) |
| Digits | At least one (0-9) |
| Special characters | At least one non-alphanumeric character |
Account lockout policy:
| Setting | Value |
| Failed login attempts before lockout | 5 |
| Lockout duration | 15 minutes |
If a user account is locked after failed login attempts, wait 15 minutes for the lockout to expire or have an administrator reset the account.
Editing a user:
- Locate the user in the user list
- Click the Edit icon
- Modify the user details as needed:
- Email address
- Password reset
- Click Update
When an administrator sets a new password for an existing user, Force Password Change is automatically set to true โ the user will be prompted to change the administrator-assigned password on next login.
Resetting a user password:
- Locate the user in the user list
- Click the Edit icon
- Enter a new password in the password field
- Click Update
The user will be required to change this password on their next login.
Forcing a password change:
Password change is automatically forced in two scenarios:
| Scenario | Behavior |
| New user created | Force Password Change enabled automatically |
| Administrator resets a user’s password | Force Password Change set to true automatically |
This ensures users always rotate away from administrator-assigned passwords after first use.
Deleting a user:
User deletion is permanent and cannot be undone.
- Locate the user in the user list
- Click the Delete icon
- Confirm the deletion
First login and default credentials:
On first access to the PII Scanner Server, the login page displays the seeded default administrator credentials:
| Field | Value |
| Username | admin |
| Password | TempP@ssw0rd!2025 |
On successful first login the system marks initial setup as complete and forces an immediate password change. The default credentials are only displayed during the initial setup state and are not shown after first login is completed.
Change the default administrator password immediately on first login.
Swagger API access:
The PII Scanner Server exposes a REST API used by agents and integrations. The Swagger API documentation is accessible at:
The API supports:
- Client registration and retrieval
- Job creation and retrieval
- PII class management
[Your administrator should restrict access to the Swagger endpoint in production environments where direct API access is not required.]
Best practices:
- Change the default administrator password immediately after first login if not already done
- Create individual user accounts for each administrator rather than sharing the default admin account
- Reset user passwords promptly when team members leave or change roles
- Review user accounts periodically to confirm access remains appropriate
- Restrict access to the PII Scanner Server administrative interface to trusted IP addresses where possible
Monitor the application logs regularly for authentication errors or suspicious login activity:
C:\Program Files\Blue Lance 2-0\LTA_PII_Scanner\logs\scanner-*.log
[Your administrator should establish a process for onboarding and offboarding PII Scanner Server users as part of your organization’s standard user lifecycle management procedures.]