Specifying the Policy on Login/Logout
To protect the data in the machine, configure the machine so that login and logout are performed properly.
User authentication cannot prevent unauthorized use completely. For example, an unauthorized person can log in to the machine by guessing the password. If a user does not log out of the machine, another user can use the privileges of the previous user.
Specify the following functions to protect the machine against such risks.
User Lockout
If an incorrect login password is entered several times, the user lockout function prevents further login attempts under the same login user name (Lockout). The locked-out state can be automatically released in a specified period of time. It can be manually released by the administrator as well.
The number of times that the locked-out state is automatically released can be limited to a maximum of four times. For each of the 1st to 4th lockout actions, you can specify whether to activate/deactivate the user lockout function, the number of login attempts before lockout, and the period of time before the locked-out state is automatically released.
You can also specify whether to release the locked-out state by restarting the machine.
Specifying User LockoutBy default, an incorrect login password entry is permitted up to five times and the locked-out state is not released automatically.
In the event that a user enters an incorrect login password, and the machine administrator changes the number of attempts before lockout afterwards, the state of the user concerning lockout may vary in accordance with the number of attempts before lockout that is changed by the administrator. Some examples are as follows:
Number of incorrect login password entries by user
Change to the number of attempts before lockout
State of user
3 entries
Twice -> 4 times
The locked-out state of the user is released.
3 entries
4 times -> Twice
The user is locked out.
3 entries
4 times -> 6 times
Remains unchanged (The user is not locked out.) *1
*1 After 3 entries of an incorrect login password, two more incorrect entries are permitted, and when an incorrect entry is performed for a third time, the user is locked out.
Auto Logout Timer
After you log in, the machine logs you out automatically if you do not use the control panel within a given time.
By default, the machine logs you out automatically if you do not use the control panel for three minutes.
When the time period to allow users to log in to and use the machine is specified, the machine logs you out upon completion of the time period even though the auto logout timer has not expired.
Specifying the Time Period to Allow Users to Log In to and Use the MachineFor details about auto logout from Web Image Monitor, see Web Image Monitor Help.
Time Settings Allowing Operating Machine by Logging in
When the time period to allow users to log in to and use the machine is specified, the machine logs you out upon completion of the time period.
Specifying the Time Period to Allow Users to Log In to and Use the Machine
The User lockout function is enabled on all users only when Basic authentication is specified. Under Windows authentication and LDAP authentication, only the supervisor and administrators are protected by User lockout. The policy of the certification server is applied to the other users.
Specify the number of login password attempts to permit before locking out the user and the period of time until the lockout is released automatically.
Log in to the machine as the machine administrator from Web Image Monitor.
Logging in to the Machine as an AdministratorClick [Configuration] on the [Device Management] menu.
Click [User Lockout Policy] in the "Security" category.
Specify the number of login password attempts to permit before locking out the user and the period of time until the lockout is automatically released.
Lockout (nth Time)
Select [Active], and then specify "Number of Attempts before Lockout" from 1 to 10.Lockout Release Timer
Select [Active] to release the locked-out state after a specified time elapses, and then enter the desired value in "Lock Out User for" up to 9999 minutes (about seven days).Release Lockout When Restarting and Rebooting System
Specify whether to activate the lockout release function by restarting the machine. The supervisor and administrators are subject to the lockout release function.
It takes about 60 seconds for the locked-out state to be actually released after the machine restarts.
Click [OK].
Log out of the machine, and then exit the Web browser.
When a general user is locked out, the user administrator must log in and release the locked-out state.
Log in to the machine as the user administrator from Web Image Monitor.
Logging in to the Machine as an AdministratorClick [Address Book] on the [Device Management] menu.
Select the locked-out user's account, and then click [Change] on the [Detail Input] tab.
Select [Inactive] on "Lockout" of "Authentication Information".
Click [OK].
Log out of the machine, and then exit the Web browser.
When an administrator is locked out, the supervisor must log in to the machine and release the locked-out state. When the supervisor is locked out, the machine administrator must log in to the machine and release the locked-out state. Click [Device Management]
[Configuration] [Program/Change Administrator] to display the Program/Change Administrator screen, and then release the locked-out state.For the supervisor and administrators, you can specify whether to activate the lockout release function by restarting the machine as well.
Specifying User Lockout
Log in to the machine as the machine administrator on the control panel.
Logging in to the Machine as an Administrator
When custom-privileges administrators are registered, you can log in to the machine as a custom-privileges administrator with the Date/Time/Timer privilege as well.
Logging in to the Machine as a Custom-Privileges AdministratorOn the Home screen, press [Settings].
Press [System Settings].
Press [Date/Time/Timer]
[Timer] [Auto Logout Timer].From the list next to Auto Logout Timer, select [On], enter the period of time until the machine logs you out automatically.
You can enter from 10 to 999 seconds.Press [OK].
Press [Home] (
).When the confirmation dialog is displayed, press [OK] to log out of the machine.
When the time period to allow users to log in to and use the machine is specified, the machine logs you out upon completion of this time period even though the auto logout timer has not expired.
Specifying the Time Period to Allow Users to Log In to and Use the Machine
Log in to the machine as the machine administrator on the control panel.
Logging in to the Machine as an Administrator
When custom-privileges administrators are registered, you can log in to the machine as a custom-privileges administrator with the Authentication/Charge privilege as well.
Logging in to the Machine as a Custom-Privileges AdministratorOn the Home screen, press [Settings].
Press [System Settings].
Press [Settings for Administrator]
[Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [Time Settings Allowing Operating Machine by Logging in].Select [Active] from the list next to Time Settings Allowing Operating Machine by Logging in, enter the time for Start Time and End Time.
Press [OK].
When the confirmation dialog is displayed, press [OK].
Press [Home] (
), and then log out of the machine.
You can specify the time period to allow users to log in to and use the machine by using Web Image Monitor as well. For details, see Web Image Monitor Help.