Danzell A4.3

How is your firewall password configured?

Section A4: Firewalls · Cyber Essentials Danzell

New in Willow — replaces the Montpellier question with broader coverage of password configuration.

What this question is really asking

Describe how your firewall passwords are configured — specifically that they meet the standard's password requirements: not a default, not a common password, and of sufficient length. Options include a long random password stored in a password manager, or a passphrase. This replaced the narrower Montpellier question about new device password setup.

What satisfies this requirement

A MFA + min 8 chars

B Automatic blocking of common passwords + min 8 chars

C Min 12 chars

D Passwordless (describe)

E None of the above (describe)

Check how you answer this in the CE Explorer

Free tool — all 288 questions mapped across every CE version.

Open CE Explorer

What to prepare before your assessor visit

A common pitfall: firewall management interfaces that were set up with a password that met the old standard's length requirement but no longer meets the current one. Audit all your firewall admin credentials against the current password requirements — not just the devices you recently configured, but every one in your inventory.