Security

As soon as possible, perform these security tasks and Contact your administrator about authentication features.

Set a strong password

Make sure your password has 8 to 16 characters, is difficult to guess, and contains a mixture of uppercase, lowercase, and non-alphabetic characters.

Restrict P4 Server access to your client workspace root directory

P4 Server only needs access to the file revisions in your workspace. Access can be confined to the workspace by setting the P4CLIENTPATH variable to the root directory of your workspace. The P4CONFIG variable can be used to make that automatically apply whenever P4 client applications, such as P4 and P4V, use the workspace. Follow the steps for your operating system.

Windows Linux and macOS

Windows	Linux and macOS
Navigate to your client workspace root directory. Run the `p4 set` command. In the output, look for a line that contains: `P4CONFIG=p4config.txt` If the `P4CONFIG` variable is shown, use the file name it displays after the `=` sign in the following steps. If such a line is not listed, run `p4 set P4CONFIG=p4config.txt` and create a new file with `p4config.txt` as its name. In the `p4config.txt` file, add this line: `P4CLIENTPATH=.` This line sets the `P4CLIENTPATH` environment variable to the current directory, your client workspace root directory.	Navigate to your client workspace root directory. Run the `p4 set` command. In the output, look for a line that contains: `P4CONFIG=.p4config` If the `P4CONFIG` variable is shown, use the file name it displays after the `=` sign in the following steps. If such a line is not listed, run `p4 set P4CONFIG=.p4config` and create a new file with `.p4config` as its name. In the `.p4config` file, add this line: `P4CLIENTPATH=.` This line sets the `P4CLIENTPATH` environment variable to the current directory, your client workspace root directory. Export the `P4CONFIG` environment variable and initialize the shell session: For Linux: Edit the `~/.bashrc` file to add the line `export P4CONFIG=.p4config` then run `source ~/.bashrc` For macOS: Edit the `~/.zshrc` file to add the line `export P4CONFIG=.p4config` then run `source ~/.zshrc`

Navigate to your client workspace root directory.
Run the p4 set command.
In the output, look for a line that contains:
P4CONFIG=p4config.txt
If the P4CONFIG variable is shown, use the file name it displays after the = sign in the following steps.
If such a line is not listed, run
p4 set P4CONFIG=p4config.txt
and create a new file with p4config.txt as its name.
In the p4config.txt file, add this line:
P4CLIENTPATH=.
This line sets the P4CLIENTPATH environment variable to the current directory, your client workspace root directory.

Navigate to your client workspace root directory.
Run the p4 set command.
In the output, look for a line that contains:
P4CONFIG=.p4config
If the P4CONFIG variable is shown, use the file name it displays after the = sign in the following steps.
If such a line is not listed, run
p4 set P4CONFIG=.p4config
and create a new file with .p4config as its name.
In the .p4config file, add this line:
P4CLIENTPATH=.
This line sets the P4CLIENTPATH environment variable to the current directory, your client workspace root directory.
Export the P4CONFIG environment variable and initialize the shell session:

For Linux:
Edit the ~/.bashrc file to add the line
export P4CONFIG=.p4config
then run
source ~/.bashrc

For macOS:
Edit the ~/.zshrc file to add the line
export P4CONFIG=.p4config
then run
source ~/.zshrc

To learn more, see P4CLIENTPATH and P4CONFIG in the P4 CLI Reference.

Contact your administrator about authentication features

Your P4 Server administrator controls the security features that depend on the configurables listed at Secure the server in P4 Server Administration Documentation.

Ticket based authentication: the server configurable must be set to 4 or higher to protect multi-server and replicated environments.
SSL/TLS connections to connect to an SSL/TLS-enabled server. If SSL/TLS is in use, you should only accept the fingerprint shown when p4 trust is run after the administrators has validated that it is correct.
Integration with an identity provider through P4 AS and multi-factor authentication through your identity provider (IdP). To learn more, see P4 Authentication Service Documentation.
The Helix MFA app, which should only be used when your password store and your MFA service are separated, such as using LDAP as your password store with Okta as your MFA service. To learn more, see Multi-factor authentication in the P4 Server Administration Documentation.