(Settings/Registration) 
<Management Settings> <Security Settings> <Authentication/Password Settings> <Authentication Function Settings><Security Settings>
You can specify the settings related to the user authentication function, password, and encryption.
<Prohibit Authentication Using Department ID and PIN>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Authentication Function Settings>Select whether to prohibit authentication with a Department ID and PIN when operating from the printer/scanner. If <On> is selected, authentication with System Manager ID and PIN is also prohibited when operating from a device management software.
 |
Jobs that are restricted by this setting are forcibly canceled on the machine. |
<Lockout Settings>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Authentication Function Settings>Select whether to block users from logging in for a specified period of time after a certain number of consecutive invalid login attempts. This setting does not apply to authentication with a Department ID or PIN, or authentication for the Mail Box.
 |
Users may be blocked from logging in before a specified number of consecutive invalid login attempts if login operations are performed on Windows or other operating systems, or from applications that use FTP, IPP, SNMPv3, SMB, or WebDAV. |
<Prohibit Caching of Authentication Password>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>Select whether to prohibit caching of a password that is entered at login.
|
Passwords are not saved to the timeline of unauthenticated users or guest users, regardless of this setting. |
<Display Warning When Default Password Is in Use>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>Select whether to display the screen for changing the password when the Administrator logs in to the machine using the default user name and password.
|
If the password has expired, the screen for changing the password appears, regardless of this setting. |
<Allow Use of Default Password for Remote Access>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>Select whether to allow the default password to be used when logging in from the Remote UI.
<Minimum Length Settings>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can set the minimum number of characters required when registering a password to prevent the simplification of passwords. When a password length is set, a user cannot be registered with a blank password.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Validity Period Settings>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can set a password expiration period to force users to periodically change their password, in order to prevent the simplification of passwords.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Prohibit Use of 3 or More Identical Consecutive Char.>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can restrict passwords so that the same character cannot be used consecutively three or more times.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Use at Least 1 Uppercase Character>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can restrict passwords so that only passwords which include at least one uppercase character can be registered.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Use at Least 1 Lowercase Character>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can restrict passwords so that only passwords which include at least one lowercase character can be registered.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Use at Least 1 Digit>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can restrict passwords so that only passwords which include at least one number can be registered.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Use at Least 1 Symbol>
(Settings/Registration) <Management Settings> <Security Settings> <Authentication/Password Settings> <Password Settings>You can restrict passwords so that only passwords which include at least one symbol can be registered.
|
This setting applies to personal authentication management, not to Department ID and PIN. Password restriction settings are valid for passwords that are registered/edited after the restrictions are set. When a password that is already registered exceeds the restrictions for these settings, a screen prompting to change the password is displayed when user authentication is performed. |
<Prohibit Use of Weak Encryption>
(Settings/Registration) <Management Settings> <Security Settings> <Encryption Settings>Select whether to restrict the use of weak encryption, or a key and certificate with weak encryption. Management Functions
|
This setting applies to functions such as IPSec, TLS, Kerberos, S/MIME, wireless LAN, and SNMPv3. The machine may not be able to communicate with devices that only support weak encryption. Even if the use of weak encryption is restricted, it may be allowed depending on the certificate (root certificate). For information on the algorithms prohibited when this setting is set to <On>, see System Specifications. |
<Format Encryption Method to FIPS 140-2>
(Settings/Registration) <Management Settings> <Security Settings> <Encryption Settings>Specify whether to make the function using encryption comply with FIPS 140-2.
|
This setting is available for TLS and MEAP applications. This setting is not available for TLS communication using the machine's touch panel Web Access function. This setting is only available for MEAP applications that use a FIPS provider. For information on the algorithms prohibited when this setting is set to <On>, see System Specifications. |
<Verify System at Startup>
(Settings/Registration) <Management Settings> <Security Settings> <System Verification Settings>You can set the machine to verify the integrity of the firmware, system, and MEAP applications in the machine during startup.
 |
This function restarts the machine not only when the setting is changed from <Off> to <On> but also when <OK> is pressed without changing the setting from <On>. To avoid restarting the machine without changing the setting from <On>, press <No> on the confirmation screen and then press <Cancel> on the screen for this function. |
 | ||||||
When this function is set to <On>, startup takes longer than when it is set to <Off> because system verification is performed. The following events and results are recorded to the device management log. Managing the Logs
If an error code is displayed on the screen when the machine is started with this setting set to <On>, contact your local authorized Canon dealer. |
<McAfee Embedded Control>
(Settings/Registration) <Management Settings> <Security Settings> <System Verification Settings>When the machine is operating, the McAfee Embedded Control function is used to prevent unauthorized program modification and the execution of unauthorized programs, for improved system reliability.
|
To set this function to <On>, it is necessary to set <Verify System at Startup> to <On> in advance. When this function is set to <On>, startup takes longer than when it is set to <Off>. |