Access settings
If you need to access the controller with clients supporting Basic authentication, or by browsers without JavaScript,
you may need to enable the "Allow legacy plaintext login methods" setting. Those methods transmit passwords over
the network and are thus considered insecure. This includes Basic authentication over HTTPS, which is secure
relative to Basic authentication over HTTP, but relies solely on TLS for security, which is considered risky by some
experts. DLI Ethernet Sender should not require this setting.
The "Hide user passwords" and "Hide WiFi password" settings configure whether clients should be able to read
back the relevant values; this may be a security issue if there are untrusted administrator users.
The "Disable local keypad" setting is designed for untrusted physical environments. When enabled, the LCD will
briefly indicate that the keypad is disabled on each keypress and otherwise ignore it.
Note that this still leaves the reset button available to an attacker.
The "Show device name on login page" setting can be used to control if unauthenticated users can see the device
name (it used to be controllable by a space character preceding the device name in previous controller models, but
is now an individual setting). This may be a convenience, but also a possible security issue.
6.7 Miscellaneous settings
The following setting group controls aspects of data presentation of the unit.
Miscellaneous settings
You can force all the text displayed on the LCD to be in CAPS, which may be more legible. However, this won't affect
the network settings, as they include the WiFi password which would be useless if capitalized.
DLI DIN4 User’s Guide: 20170809T111540Z
To Next Page
Loading...