Hi HomerJ,
HPE has no recommendation for security settings other than by default they use the encryption set up during the installation and host on the 8080 https port. They use an encrypted password for the account and have permissions requirements for the SA and TD user accounts, but no security recommendations are suggested, It is at the discretion and individual needs of the client end users to institute their own recommended levels of security as they deem necessary. The passwords for those accounts are encrypted and the td user is generally set to the default which most users never adjust nor change. You are free to do so as it fits the needs of your institution and their individual security requirements but HPE doesn't have a recommendation for security. They do have some documents about how to institute certain types of security as requested by some clients but ,make no recommendation as to how to further enhance upon the basic installation setup (which in itself is quite secure and meets the security needs of most clients). Since clients can have more stringent requirements based upon their operational and productivity/safety needs they are responsible for their individual requirements being met.

Hope this helps,
Dan