As an administrator you add and delete user accounts, and configure user settings, such as password minimum requirements.
|
Notice
|
|
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND CONFIDENTIALITY
Always select the least privileged role necessary for the user to perform their duties.
Always create a unique account for each individual.
Do not share accounts between multiple people.
Consider regional privacy requirements when creating user and display names, as user names will appear in event logs.
Ensure user names are clearly unique to help ensure clear traceability. For example, avoid creating both “User1” and “User 1”.
Failure to follow these instructions can result in unauthorized system access or disclosure of private information.
|
User Account Creation
When you create a new user you need to fill in a user name, a display name, a role, and a password.
User name
The minimum number of characters for the user name is 3 and no spaces are allowed.
Display name
The minimum number of characters for the display name is 3 and no leading, trailing or consecutive spaces are allowed.
Role
Operator Display supports the management of users under three roles; Administrator, Technician, and Viewer.
Table: Secure Account Management
|
Tasks
|
Administrator
|
Technician
|
Viewer
|
|
View BACnet properties and alarms
|
Yes
|
Yes
|
Yes
|
|
Set/force BACnet Points
|
Yes
|
Yes
|
-
|
|
Acknowledge BACnet Alarms
|
Yes
|
Yes
|
-
|
|
View event logs
|
Yes
|
Yes
|
Yes
|
|
Export logs to USB
|
Yes
|
Yes
|
-
|
|
Change Operator Display configuration
|
Yes
|
-
|
-
|
|
Upgrade Operator Display firmware
|
Yes
|
-
|
-
|
|
Add/delete users
|
Yes
|
-
|
-
|
Password
The minimum number of characters and how many lowercase, numeric, and special characters that are required when you create a password depends on how the Operator Display user settings are configured.
For more information, see Creating a User
.
User Account Configuration
The following Operator Display user settings are configurable:
Inactivity timeout
The default setting is that the user is logged out after 15 minutes of inactivity. You can configure the timeout to be between 1 and 60 minutes.
Number of failed log in attempts
The default setting is that the user is locked for 10 minutes after 5 failed log in attempts. You can configure the number of failed log in attempts to be between 1 and 10.
User lock time
The default setting is that the user is locked for 10 minutes after 5 failed log in attempts. You can configure the user lock time to be between 1 and 60 minutes.
Minimum number of password characters
The default setting is that the minimum number of password characters is 8. You can configure the minimum number of password characters to be between 4 and 128. The maximum number of password characters is always 128.
Minimum number of lowercase characters
The default setting is that the minimum number of lowercase characters is 1. You can configure the minimum number of lowercase characters to be between 0 and 128.
Minimum number of uppercase characters
The default setting is that no uppercase characters are required (0). You can configure the minimum number of uppercase characters to be between 0 and 128.
Minimum number of numeric characters
The default setting is that the minimum number of numeric characters is 1. You can configure the minimum number of numeric characters to be between 0 and 128.
Minimum number of special characters
The default setting is that the minimum number of special characters is 1. You can configure the minimum number of special characters to be between 0 and 128.
The following special characters can be used:
!*#$%'()*+-/:;<=>?@[\]^_'{|}~
Note:
Operator Display alerts you if the total number of lowercase, uppercase, numeric, and special characters exceeds 128.
For more information, see Configuring User Settings
.
User Account Administration
User Administration Screen