Specifying the Extended Security Functions

This can be specified by the network administrator.

Specify the string of text for decrypting the login passwords or file passwords sent from the driver when user authentication is ON.

To specify the driver encryption key, register the encryption key specified using the printer in the driver.

For details, see Specifying a Driver Encryption Key.

This can be specified by the user administrator.

Encrypt the data in the printer's Address Book.

Even if information on an internal part has been leaked, the encryption prevents the Address Book data from being read.

For details, see Protecting the Address Book.

Default: [Off]

This can be specified by the machine administrator.

This can be specified if user authentication is specified. When the job history is checked using a network connection for which authentication is not available, all personal information can be displayed as "********". For example, when someone not authenticated as an administrator checks the job history using SNMP in DeviceManager NX, personal information can be displayed as "********" so that users cannot be identified. Because information identifying registered users cannot be viewed, unauthorized users are prevented from obtaining information about the registered files.

Default: [Off]

This can be specified by the file administrator.

By specifying a password, you can limit operations such as printing, deleting, and sending files, and can prevent unauthorized people from accessing the files. However, it is still possible for the password to be cracked.

By specifying "Enhance File Protection", files are locked and so become inaccessible if an invalid password is entered ten times. This can protect the files from unauthorized access attempts in which a password is repeatedly guessed.

The locked files can only be unlocked by the file administrator.

When files are locked, you cannot select them even if the correct password is entered.

Default: [Off]

This can be specified by the network administrator.

When the printer is accessed using the SNMPv1, v2 protocol, authentication cannot be performed, allowing machine administrator settings such as the paper setting to be changed. If you select [Prohibit], the setting can be viewed but not specified with SNMPv1, v2.

Default: [Do not Prohibit]

This can be specified by the network administrator.

Specify the encryption strength for sending jobs from the driver to the printer.

The printer confirms the encryption strength of the password appended to a job and processes it.

If [Simple Encryption] is selected, all jobs that pass user authentication are accepted.

If [DES] is selected, only jobs encrypted with DES or AES are accepted.

If [AES] is selected, only jobs encrypted with AES are accepted.

If you select [AES] or [DES], specify the encryption settings using the printer driver. For details about specifying the printer driver, see the printer driver Help.

Default: [Simple Encryption]

This can be specified by the machine administrator.

This setting allows you to specify whether or not authentication is required for operations such as canceling jobs under the printer function.

If you select [Login Privilege], authorized users and the machine administrator can operate the printer. When this is selected, authentication is not required for users who logged in to the printer before [Login Privilege] was selected.

If [Access Privilege] is specified, any user who performed a print job can cancel the job. Also, the machine administrator can cancel the user's print job.

Even if you select [Login Privilege] and log on to the printer, you cannot cancel a print job that is being processed if you are not privileged to use the printer functions.

You can specify "Authenticate Current Job" only if "User Authentication Management" was specified.

Default: [Off]

This can be specified by the user administrator.

This setting lets you specify [Complexity Setting] and [Minimum Character No.] for the password. By making this setting, you can limit the available passwords to only those that meet the conditions specified in "Complexity Setting" and "Minimum Character No.".

If you select [Level 1], specify the password using a combination of two types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.

If you select [Level 2], specify the password using a combination of three types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.

Default: [Off], Minimum required number of characters not specified

This can be specified by the machine administrator.

Communication via HTTPS for RICOH @Remote Service is disabled if you select [Prohibit].

When setting it to [Prohibit], consult with your service representative.

Default: [Do not Prohibit]

This can be specified by the machine administrator.

Specify whether to allow firmware updates on the printer. Firmware update means having the service representative update the firmware or updating the firmware via the network.

If you select [Prohibit], firmware on the printer cannot be updated.

If you select [Do not Prohibit], there are no restrictions on firmware updates.

Default: [Do not Prohibit]

This can be specified by the machine administrator.

Specify whether to prevent changes in the printer's firmware structure. The Change Firmware Structure function detects when the SD card is inserted, removed or replaced.

If you select [Prohibit], the printer stops during startup when a firmware structure change is detected and a message requesting administrator login is displayed. After the machine administrator logs in, the printer finishes startup with the updated firmware.

The administrator can confirm if the updated structure change is permissible or not by checking the firmware version displayed on the control panel screen. If the firmware structure change is not permissible, contact your service representative before logging in.

When "Change Firmware Structure" is set to [Prohibit], administrator authentication must be enabled.

After [Prohibit] is specified, disable administrator authentication. When administrator authentication is enabled again, you can return the setting to [Do not Prohibit].

If you select [Do not Prohibit], firmware structure change detection is disabled.

Default: [Do not Prohibit]

This can be specified by the machine administrator.

If the number of authentication requests exceeds the setting, the system classifies the access session as a password attack. The access session is recorded in the Access Log and the log data is sent to the machine administrator by e-mail.

If the "Max. Allowed No. of Access" is set to [0], password attacks are not detected.

• Max. Allowed No. of Access

  Specify the maximum number of allowable authentication attempts.

  You can specify a value in the range of 0 to 100.

  Default: [30]

• Measurement Time

  Specify the interval to count the number of repeated failed authentication attempts. When the measurement time is over, the logged counts of failed authentication attempts are cleared.

  You can specify a value in the range of 1 to 10.

  Default: [5]

This can be specified by the machine administrator.

When logging in to the printer via a network application, a user may be locked out erroneously because the number of authentication attempts of the user does not match the number of attempts logged internally.

For example, access may be denied when a print job for multiple sets of pages is sent from an application.

If you select [On] under "Securty Setg for Accs Viol", you can prevent such authentication errors.

• On

  • Accss Violtn Denial Duratn

    Specify the time to limit repeated access by a user.

    You can specify a value in the range of 0 to 60.

    Default: [15]

  • Managed User Host Limit

    Specify the number of user accounts to manage under "Securty Setg for Accs Viol".

    You can specify a value in the range of 50 to 200.

    Default: [200]

  • Password Entry Host Limit

    Specify the number of passwords to manage under "Securty Setg for Accs Viol".

    You can specify a value in the range of 50 to 200.

    Default: [200]

  • Status Monitor Interval

    Specify the monitoring interval of "Managed User Host Limit" and "Password Entry Host Limit".

    You can specify a value in the range of 1 to 10.

    Default: [3]

• Off

Default: [Off]

This can be specified by the machine administrator.

If the number of log in requests exceeds the setting, the system classifies the access session as an access violation. The access session is recorded in the Access Log and the log data is sent to the machine administrator by e-mail. Also, a message is displayed on the control panel and on Web Image Monitor.

If the "Max. Allowed No. of Access" is set to [0], over access is not detected.

In "Authentication Delay Time", you can specify response delay time for log-in requests to prevent the system from becoming unavailable when an access violation is detected.

In "Simultns Access Host Limit", you can specify the limit number of hosts accessing the printer at one time. If the number of access exceeds the setting, monitoring becomes unavailable and the detected unavailability is recorded in the Log.

• Max. Allowed No. of Access

  Specify the maximum number of allowable access attempts.

  You can specify a value in the range of 0 to 500.

  Default: [100]

• Measurement Time

  Specify the interval to count the number of excessive access. When the measurement time is over, the logged counts of access are cleared.

  You can specify a value in the range of 10 to 30.

  Default: [10]

• Authentication Delay Time

  Specify the authentication delay time when an access violation is detected.

  You can specify a value in the range of 0 to 9.

  Default: [3]

• Simultns Access Host Limit

  Specify the number of acceptable authentication attempts when authentications are delayed due to an access violation.

  You can specify a value in the range of 50 to 200.

  Default: [200]