Skip to main content

_Policy Settings_DISA_TO_DELETE

Password Policies

Policy SettingDefaultDescription/Values
Minimum password length6 characters

Type in the minimum password length (from 6-40 characters).


Passwords can be up to 80 characters.
Password qualityBasic

Select the required password quality; works in conjunction with Password requires at least below:

  • Basic: Sets the minimum password length as the only requirement to accept a new password.
  • Strong: Adds more strict requirements to the password structure. Checks for minimum length as well as other criteria such as minimum number of required upper case characters, digits, and symbols.
Password requires at least0

(Password quality must be Strong) Specify the minimum required number of:

  • Uppercase letters
  • Digits
  • Symbols

The range is from 0 to 40 for all 3.

Remember Last5

(Password quality must be Strong) This option determines the number of unique new passwords that must be associated with a user account before an old password can be reused.

The range is from 5 to 500.

Password expirationDisabledTo enable Password expiration, check the checkbox.
Change password afterN/A if Disabled
90 days if Enabled
(Password expiration must be enabled) Type in the number of days after which users must change their passwords (from 1-180 days).

Session Policies

Policy SettingDefaultDescription/Values
Auto LogoutDisabled

Check this checkbox to automatically log users out after a specified period of idle time.

When enabled, if a user has been inactive for longer than the specified period of time, he/she will be logged out and redirected to the Sign-in page. Systems that are left logged on may represent a security risk for an organization.

Logout when idle forN/A if Disabled
15 minutes if Enabled

(Auto Logout must be enabled) Type in the maximum length of time the system may be idle before the user will be logged out (from 1 - 1440 minutes).

Limit Login AttemptsDisabled

Check this checkbox to limit the number of failed sign-in attempts by a user during the specified time period. This may be used to reduce the risk of unauthorized system access via user password guessing.

 TBD - IS THIS TRUE/ DOES IT APPLY HERE??? When enabled, only 4 admin users can be signed in at the same time.

Max Failed AttemptsN/A if Disabled
(Limit Login Attempts must be enabled) Specifies the maximum number of failed password attempts allowed during the specified time interval. Range: 3..10
Failed Interval (Minutes)N/A if Disabled
15 minutes if Enabled
Limit Login Attempts must be enabled) Specifies the time interval within which exceeding the specified number of failed password attempts will result in the user's account being locked. Range: 5..60 minutes TBD - OK???

Account Policies

Policy SettingDefaultDescription/Values
Disable Inactive AccountsDisabled

Check this checkbox to enable automatic disabling of user accounts after the specified number of days of account inactivity.
TBD + how to re-enable acct disabled for inactivity MX1-221???  

Inactivity Timeout (Days)N/A if Disabled
90 Days if Enabled

(Disable Inactive Accounts must be enabled) Type in the number of days  (since the last login) after which the user account will be disabled.

Cryptography Policies

Policy SettingDefaultDescription/Values

Specifies the required cryptographic compliance, either:

  • None
  • FIPS 140-2: Applies cryptographic modules accredited under the Federal Information Processing Standard (FIPS) Publication 140-2.
  • NDPP v1.1: Activates cryptographic security to a level compliant with the National Information Assurance Partnership (NIAP) Network Device Protection Profile, Revision 1.1.
  • SP800-52 Revision 1: Applies cryptographic modules accredited under the National Institute of Standards and Technology (NIST) Special Publication 800-52, Revision 1.


Either selection will reinforce security for all management functions of the decoder in terms of cryptography. This setting will take effect upon the next reboot.
TLS VersionsTLSv1.2, TLSv1.1, TLSv1.0

Specifies which TLS (Transport Layer Security) versions are accepted from the HTTPS client.

  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3


SSLv3 can be enabled only if Compliance is set to None. At least one TLS version must be enabled.

HTTP Policies

Policy SettingDefaultDescription/Values
Strict Transport SecurityDisabled

When enabled, HTTP Strict Transport Security (HSTS) forces web browsers to only contact the Web interface over HTTPS, instead of using HTTP. 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.