5.1.1 Strong Administrator Authentication
An administrator of the responder must authenticate strongly. This could be via a high-entropy password or some multiple-factor authentication method (such as a smart card). It is recommended that the administrator use a login account that functions only for responder administration and not for any other function. Use of the same credentials on a vulnerable computer while performing some other task exposes the credentials to capture and misuse.