Learn how to configure the Account Policy settings in the Embedded Web Server (EWS) including EWS password complexity and
lockout parameters.
The account policy should be configured to match the printers network account policy as closely as possible. The default policy
was created by matching the Microsoft Active Directory security defaults. HP suggests working with your customer’s IT department
to make sure the device account is secure.
Note:
Remote configuration accounts include access to management tools, such as HP Web Jetadmin.
Configure the Account Policy settings
Learn how to configure the Account Policy settings.
Enable password complexity
The password complexity feature means that you must select three different character types when selecting a password. The
options include uppercase letter, lowercase letter, numbers, and special characters. This is based on the Microsoft default
for password complexity requirements.
-
-
Open the Account Policy menu.
-
In the area labeled Local Administrator Password or the area labeled Remote Configuration Password, select Enable Password Complexity.
Note:
When password complexity is enabled, administrator account passwords must contain three of the following characteristics:
-
Uppercase letters
-
Lowercase letters
-
Numbers
-
Special Characters
-
In Minimum password length, type the minimum numbers of characters that the password must contain.
Note:
The default number of characters is 8. The number of characters required in a password can range from 0 to 16. Setting the
number of characters to 0 indicates that the minimum number of characters is disabled and that no password is required to
access an account.
-
Click the Apply button to save the settings.
Enable account lockout
The Account lockout feature allows administrators to specify the number of failed log in attempts before the printer enters
Protected Mode, which makes the account unavailable for the duration of the lockout period.
Note:
Before reducing the number of maximum log in attempts, make sure that the total number of EWS credentials stored in Web Jetadmin
do not exceed the number of allowed log in attempts. If the number of credentials exceeds the number of log in attempts, a
status communication error might occur if Web Jetadmin discovers a new printer.
-
-
Open the Account Policy menu.
-
In the area labeled Local Administrator Password or the area labeled Remote Configuration Password, select Enable account lockout.
-
In Maximum attempts, type the number of times an administrator can enter an incorrect password before being locked out of the account.
Note:
The default number of attempts is 5. The allowable number of attempts can range between 3 and 30.
-
In Lockout interval, type the number of seconds for which the account will be locked.
Note:
The default number of seconds is 300. The allowable number of seconds can range between 5 and 1800 seconds.
-
In Reset lockout counter interval, type the number of seconds that must pass after a failed log in attempt before the failed
log in attempt counter resets to 0.
Note:
The default number of seconds is 300. The allowable number of seconds can range between 0 and 1800 seconds.
-
Click the Apply button to save the settings.