Different automation manufacturers handle password protection and key generation in distinct ways. 1. Siemens (STEP 7, TIA Portal)

No digital password can protect a PLC if an unauthorized person can physically access the hardware. Keep control cabinets locked.

Schneider hardware security ranges from basic communication passwords to advanced RBAC (Role-Based Access Control).

Cyber security researchers (such as Dragos) have verified that a massive percentage of free or cheap PLC/HMI password cracking tools are intentionally bundled with malware. Dropping these tools onto an engineering workstation can infect the entire Operational Technology (OT) network with Trojan viruses or ransomware.