Configure settings for extended security.
Note
When user authentication is configured, specify the character string for the key used for encrypting the login passwords or document passwords that are sent from each kind of driver.
To specify the driver encryption key, register the encryption key specified using the machine in the driver.
Click the Change button to open the Driver Encryption Key page, and then specify the driver encryption key.
Specify the encryption strength of the driver encryption key.
All jobs that support user authentication are accepted.
Jobs encrypted with Simple Encryption or DES are accepted.
Jobs encrypted with Simple Encryption, DES, or AES are accepted.
Note
This can be specified if user authentication is set. When the job history is checked using a network connection for which authentication is not available, all personal information can be displayed as "********".
Specify whether to encrypt the individual settings of the machine's users and the data in the Address Book. If you select On, configure the encryption key.
Configure the encryption key to encrypt the individual settings of the users and the data in the Address Book.
Click the Change button to open the Encryption Key page, and then specify the key.
Click the Execute button to encrypt the individual settings and the address book data, using the specified encryption key.
If you have changed the encryption key, the data is decrypted with the old key and re-encrypted with the new one.
Locks a file protected by password if an invalid password is entered ten times for the file.
Specify whether or not to limit the available fax destinations to the destinations registered in the Address Book.
If you select On, a user cannot enter the destinations for transmission manually.
If you set Restrict Adding of User Destinations (Fax) to Off, specify whether or not to allow users to register a fax destination in the Address Book using the fax number manually entered. Normally, users can register a fax destination in the Address Book by manually entering a fax number and then pressing the Program Dest. button. If you set this function to On, users can enter a destination manually but cannot register that destination in the Address Book by pressing the Program Dest. button. This function restricts user registration in the Address Book.
Specify whether or not to limit the available scanner destinations to the destinations registered in the Address Book.
If you select On, a user cannot enter the destinations for transmission manually.
If you set Restrict Adding of User Destinations (Scanner) to Off, specify whether or not to allow users to register a scanner destination in the Address Book using the destination manually entered. Normally, users can register a scanner destination in the Address Book by manually entering the destination and then pressing the Program Dest. button. If you set this function to On, users can enter a destination manually but cannot register that destination in the Address Book by pressing the Program Dest. button. This function restricts user registration in the Address Book.
If you use Forwarding or Transfer Box under the fax function, files stored in the machine can be transferred or delivered.
To prevent stored files being transferred by mistake, select Prohibit for this setting.
When User Authentication Management is configured, specify whether or not authentication is required for operations such as canceling jobs under the copier and printer functions.
You cannot print for authenticated jobs .
Authorized users and the machine administrator can use the machine. When this is selected, authentication is not required for users who logged in to the machine before Login Privilege was selected.
Any user who performed a copy or print job can cancel the job.
Also, the machine administrator can cancel the user's copy or print job.
Note
Specify whether or not to disable communication via HTTPS for @Remote Service.
Specify whether or not to disable firmware updates on the machine.
Specify whether or not to prevent changes in the machine's firmware structure.
Change firmware structure refers to insertion and removal of SD cards containing firmware, and insertion of incorrect SD cards.
Specify Complexity Setting and Minimum Character No. for the password.
By making this setting, you can limit the available passwords to only those that meet the conditions specified in Complexity Setting and Minimum Character No..
If you select Level 1, specify the password using a combination of two types of characters
selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.
If you select Level 2, specify the password using a combination of three types of characters
selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.
Specify whether or not to disable settings with SNMPv1, v2 protocol.
When the machine is accessed using the SNMPv1, v2 protocol, authentication cannot be performed, allowing machine administrator settings such as the paper setting to be changed. If you select Prohibit, the setting can be viewed but not specified with SNMPv1, v2.
An application using network connection may cause multiple authentication attempts to the device even if a user sends only one authentication command using the application.
In this case, if the authentication fails due to an incorrect password, the device may count the failure as the multiple authentication failures and then lock out the user.
If you select On, you can prevent such user lockouts.
Specify a period during when to exclude from the user lockout count repeated access by the same user ID and password.
If you fail to login after the specified period elapses from the last authentication failure, this access is counted as an authentication failure
and classified as the target of user lockout.
Specify how many users to be excluded from the user lockout can be monitored.
If the number of users exceeds the specified number, the oldest user information is erased and the new information is retained.
The erased users will be classified as the target of user lockout even during the period specified for Denial Duration for Access Violation.
Specify the number of passwords excluded from the lockout count.
If the number of the passwords exceeds the specified number, the old password information is erased and the new information is retained.
The erased passwords will be locked out even when Denial Duration for Access Violation is configured.
Specify how many passwords to be excluded from the user lockout can be monitored.
If the number of password exceeds the specified number, the oldest password information is erased and the new information is retained.
The erased password will be classified as the target of user lockout even during the period specified for Denial Duration for Access Violation.
Specify the interval for monitoring the information of Managed User Host Limit and Password Entry Host Limit.
If the number of authentication requests exceeds the specified setting, the system classifies the access session as a password attack.
The access session is recorded in the access log and the log data is sent to the machine administrator by email.
Specify the maximum number of allowable authentication attempts. If the number is set to 0, password attacks are not detected.
Specify the interval to count the number of repeated failed authentication attempts. When the measurement time is over, the logged counts of failed authentication attempts are cleared.
If the number of log in requests exceeds the setting, the system classifies the access session as an access violation.
The access session is recorded in the access log and the log data is sent to the machine administrator by e-mail. Also, a message is displayed on the control panel and on Web Image Monitor.
Note
Specify the maximum number of allowable access attempts. If the number is set to 0, password attacks are not detected.
Specify the interval to count the number of excessive access. When the measurement time is over, the logged counts of access are cleared.
Specify the authentication delay time when an access violation is detected.
This function prevents system down due to the access violation.
Specify the number of acceptable authentication attempts when authentications are delayed due to an access violation.
Click to update the currently displayed information.
Note
Click to apply the settings.
Click to cancel the settings.