Information processing device, control method for information processing device, and program

Abstract

This reduces the risk of unauthorized logins through brute-force attacks when the system is operating with the default password. [Solution] The CPU 311 performs authentication to verify that the smartphone 500 is a legitimate user in response to a connection request via the network. If the number of failed authentication attempts reaches a first threshold, the CPU 311 restricts the execution of authentication until the elapsed time reaches a second threshold. The CPU 311 adjusts at least one of the first threshold and the second threshold depending on whether the password used for authentication is the same as the initial password set at the factory.

Description

【Technical Field】 【0001】 The present disclosure relates to an information processing apparatus, a control method for the information processing apparatus, and a program. 【Background Art】 【0002】 In an information processing apparatus capable of network connection, when using the apparatus, installation settings such as network connection settings and parameter settings related to the operation of the apparatus may be performed. Some small and inexpensive information processing apparatuses do not have display means or operation means for performing various settings. In such an information processing apparatus, for example, means for performing installation settings and parameter settings may be provided from an external apparatus connected via a network. As an example of such means, there is a function (hereinafter also referred to as a remote UI) of providing a screen (UI: User Interface) for receiving a setting operation using a Web browser or the like. By using the remote UI, it is possible to perform installation settings and parameter settings even if the information processing apparatus does not have a display screen or input operation means. On the other hand, there is a risk that an external malicious third party may connect to the information processing apparatus via the network and illegally view or change the settings. Therefore, in general, the use of the remote UI is configured to restrict the use to a legitimate administrator by providing a function such as password authentication. On the other hand, with the spread of technologies such as the Internet and wireless LAN, the number and types of network-connectable apparatuses have increased dramatically. 【0003】 In recent years, an increasing number of printing devices have become network-connected and usable. Among these printing devices, those used in ordinary homes are often used without changing the default password from the one set at the time of shipment. Default passwords tend to be easy to guess, and there is a risk that the device may be illegally accessed and used illegally through brute-force attacks. In response to this, Patent Document 1 discloses a configuration that restricts the functions available after login if the default password is still used, so that even if an unauthorized login occurs, there will be no inconvenience. [Prior art documents] [Patent Documents] 【0004】 [Patent Document 1] Japanese Patent Publication No. 2020-160540 [Overview of the Initiative] [Problems that the invention aims to solve] 【0005】 However, the technology disclosed in Patent Document 1 makes it difficult to prevent unauthorized logins via brute-force attacks, and if the password can be changed after an unauthorized login, it may be possible to illegally use all the functions of the device without restriction. 【0006】 In view of the above-mentioned problems, the present invention aims to reduce the risk of unauthorized logins through brute-force attacks when the system is operated with the default password. [Means for solving the problem] 【0007】 The information processing device according to the present invention includes authentication processing means that perform authentication to confirm that a connection request from a terminal device via a network is from a legitimate user, and restriction means that, when the number of failed authentications reaches a first threshold, restrict the execution of authentication until the elapsed time reaches a second threshold, wherein the restriction means is characterized in that it sets at least one of the first threshold and the second threshold differently depending on whether the password used for authentication is the same as the initial password set at the time of factory shipment. [Effects of the Invention] 【0008】 According to the present invention, it is possible to reduce the risk of unauthorized logins through brute-force attacks when the system is being operated with the default password. [Brief explanation of the drawing] 【0009】 [Figure 1] This diagram shows an example of the system configuration. [Figure 2] This diagram shows an example of a printer's hardware configuration. [Figure 3] This diagram shows an example of the module configuration of printer software. [Figure 4] This diagram shows an example of a smartphone's hardware configuration. [Figure 5] This diagram shows an example of the module configuration of smartphone software. [Figure 6] This diagram shows an example of a remote UI screen. [Figure 7] This diagram shows an example of the display screen of the control panel. [Figure 8] This is a flowchart illustrating an example of printer processing. [Figure 9] This is a flowchart illustrating an example of printer processing. [Figure 10] This is a flowchart illustrating an example of printer processing. [Figure 11] This is a flowchart illustrating an example of printer processing. [Modes for carrying out the invention] 【0010】 Preferred embodiments of this disclosure will be described in detail below with reference to the attached drawings. In this specification and the drawings, components having substantially the same functional configuration are denoted by the same reference numerals, and redundant descriptions will be omitted. 【0011】 <First Embodiment> Referring to Figure 1, an example of the configuration of a system 100 according to one embodiment of this disclosure will be described. The system 100 according to this embodiment includes a printer 300 and a smartphone 500 connected via a local area network 102. The printer 300 and the smartphone 500 are connected to the local area network 102 by wireless connection to a wireless LAN access point 101. Here, a wireless LAN infrastructure mode connection 103 is used between the printer 300 and the smartphone 500 and the wireless LAN access point 101. 【0012】 The printer 300 has a mode that allows it to operate as a wireless LAN access point. When the printer 300 is operating as an access point, the smartphone 500 can connect directly to the printer 300 access point. This connection method is also called direct connection 104. 【0013】 Other terminals, such as personal computers (PCs) (hereinafter also referred to as PC terminal devices 400), may be connected to the local area network 102. The local area network 102 is also connected to the internet 106 via a router 105. With this configuration, the printer 300, smartphone 500, and other devices connected to the local area network 102 can each communicate with the cloud server 200 on the internet 106 via the router 105. 【0014】 The smartphone 500 is also connected to the mobile phone network 107. The smartphone 500 can also be connected to the cloud server 200 on the Internet 106 via the mobile phone network 107. 【0015】 Note that the configuration shown in FIG. 1 is merely an example and does not necessarily limit the system configuration of the system 100 according to the present embodiment. For example, in the example shown in FIG. 1, the wireless LAN access point 101 and the router 105 are realized as different devices, but a router device having an access point function may be applied in place of these configurations. 【0016】 Referring to FIG. 2, an example of the hardware configuration of the printer 300 will be described. The printer 300 includes a main board 310 that controls the entire device, a wireless LAN unit 308, and a short-range wireless communication unit 306. A CPU 311 in the form of a microprocessor disposed on the main board 310 operates according to a control program stored in a program memory 313 in the form of a ROM connected via an internal bus 312 and the content of a data memory 314 in the form of a RAM. 【0017】 The CPU 311 controls the scanner mechanism control circuit 315 to read a document and stores image data corresponding to the result in an image memory 316 in the data memory 314. Further, the CPU 311 can control the printing mechanism control circuit 317 to print an image indicated by the data stored in the image memory 316 in the data memory 314 on a recording medium such as paper. The CPU 311 controls the wireless LAN unit 308 via a wireless LAN communication control unit 318 to perform wireless LAN communication with other communication terminal devices. Further, the CPU 311 can control the short-range wireless communication unit 306 via a short-range wireless communication control circuit 319 to detect a connection with other short-range wireless communication terminals or to perform data transmission and reception with other short-range wireless communication terminals. The CPU 311 controls the control circuit 320, enabling it to display the status of the printer 300 and function selection menus on the control panel 305, as well as to accept operations from the user. 【0018】 Referring to Figure 3, an example of the module configuration of the software running on printer 300 will be described. The printer control software 1300 running on printer 300 runs on the embedded control OS (Operating System) 1301. Each module is classified into a system control layer 1310, a job management layer 1320, a middleware layer 1330, and an application layer 1340. The embedded control OS 1301 is the operating system (OS) that governs the basic operation of the printer control software 1300, and generally a real-time OS with excellent responsiveness is used. 【0019】 The system control layer 1310 is a group of modules that primarily control the hardware of the printer 300. The print control module 1311 is a control module that controls the print mechanism control circuit 317 to realize the printing operation of the printer 300. The scan control module 1312 is a control module that controls the scanner mechanism control circuit 315 to realize the scanning operation of a document placed on the document glass 301. The panel control module 1313 is a control module that controls the display of the printer 300's operation panel 305 and detects various key operations. The memory management module 1314 is a control module that manages the dynamic allocation of data memory 341 and image memory 316. The power control module 1315 is a control module that controls the power of the printer 300, supplying the power necessary for operation to each hardware block and controlling power saving mode. The short-range wireless communication control module 1316 is a control module that controls the short-range wireless communication unit 306 to communicate with terminal devices such as smartphones 500. The network communication control module 1317 is a control module that controls the wireless LAN unit 308 and performs communication physical layer control for LAN communication with external devices. 【0020】 The job management layer 1320 is a group of modules that utilize the system control layer 1310 to perform various operations in response to job execution requests from higher layers, including hardware resource allocation, mutual exclusion control, and scheduling. 【0021】 The middleware layer 1330 is located between the application layer 1340 and the job management layer 1320, and is a collection of modules commonly used by multiple functional modules belonging to the application layer 1340. The application framework 1331 is a framework module commonly used when the application layer 1340 requests job execution from the job management layer 1320. The network protocol stack 1332 is a module for realizing communication in accordance with various network protocols such as HTTP and TCP / IP. The cryptography module 1333 is a module for realizing processing such as encrypting data in network communication and decrypting encrypted data. The web server module 1334 is a module for operating the printer 300 as a web server in order to deliver remote UI content. 【0022】 The application layer 1340 is a group of applications that implement various functions of the printer 300. The copy application 1341 is an application module that implements the copy operation, which involves scanning a document and printing it. The driver printing application 1342 is an application module for receiving jobs from the printer driver of a smartphone 500 or PC terminal device 400 and executing operations. Examples of jobs from the driver include print jobs that perform printing operations, scan jobs that read documents and output image data, and maintenance jobs that exchange information with external devices to configure and manage the printer 300. The standard printing application 1343 is an application module that receives and executes jobs from the standard printing service provided by the smartphone 500's system. Examples of jobs from the standard printing service include print jobs that perform printing operations and scan jobs that read documents and output image data. However, since the standard printing service is provided by the smartphone manufacturer or standard OS vendor, there may be limitations on specific settings and management related to the printer models of individual manufacturers. 【0023】 The remote UI module 1344 is a module that provides the remote UI functionality of the printer 300 to an external device using the web server module 1334. By using the remote UI, it becomes possible to configure and manage the printer 300. In particular, in the printer 300 according to this embodiment, the information that can be displayed and configured on the operation panel 305 is limited, so the remote UI is used for more detailed configuration and management. Also, if a dedicated driver is not available for the smartphone 500 or PC terminal device 400, the means of using the printer 300 is limited to the standard printing service, so the remote UI is used for detailed configuration and management. 【0024】 Referring to Figure 4, an example of the hardware configuration of the smartphone 500 will be described. The smartphone 500 has a main board 510 that controls the entire device, a wireless LAN unit 502, a short-range wireless communication unit 501, and a line connection unit 503. The microprocessor-type CPU 511 located on the main board 510 operates according to the control program stored in the ROM-type program memory 513 connected via the internal bus 512 and the contents of the RAM-type data memory 514. 【0025】 The CPU 511 controls the wireless LAN unit 502 via the wireless LAN control circuit 515 to perform wireless LAN communication with other communication terminal devices. The CPU 511 can detect connections with other short-range wireless communication terminals and send and receive data with other short-range wireless communication terminals by controlling the short-range wireless communication unit 501 via the short-range wireless communication control circuit 516. In addition, the CPU 511 can connect to the mobile phone network 107 and make calls and send and receive data by controlling the line connection unit 503 via the line control circuit 517. The CPU 511 can display desired information on the touch panel display 504 and accept user input by controlling the control circuit 518. The CPU 511 can also control the camera 519 to capture images and store the captured image data in the image memory 520 in the data memory 514. In addition to captured images, the CPU 511 can also store image data acquired from external sources via a mobile phone network, local area network, or short-range wireless communication in the image memory 520, or conversely, transmit it to external sources. 【0026】 The non-volatile memory 521 is composed of flash memory or the like, and stores data that maintains its state even after the power is turned off. For example, it stores phonebook data, various communication connection information and information on previously connected devices, as well as image data that maintains its state, and application software programs that enable various functions of the smartphone 500. 【0027】 Referring to Figure 5, an example of the module configuration of the software running on the smartphone 500 will be explained. The software 1500 running on the smartphone 500 runs on the OS (Operating System) 1501. Each module is classified into the system control layer 1510, middleware layer 1520, and application layer 1530. 【0028】 The system control layer 1510 is a group of modules that primarily control the hardware of the smartphone 500. The GUI control module 1511 is a control module for controlling the display on the touch panel display 504 and detecting touch panel operations. The camera control module 1512 is a module for controlling image capture by the camera 519. The short-range wireless communication control module 1513 is a control module for controlling the short-range wireless communication unit 501 to perform short-range wireless communication with other devices. The network communication control module 1514 is a control module for controlling the wireless LAN unit 502 to perform communication physical layer control for realizing wireless LAN communication with external devices. The memory management module 1515 is a control module for managing the dynamic allocation of data memory 514 and image memory 520. The power supply control module 1516 is a control module for controlling the power supply of the smartphone 500, supplying the power necessary for operation to each hardware block and performing power saving mode control. 【0029】 The middleware layer 1520 is located between the application layer 1530 and the system control layer 1510, and is a collection of modules commonly used by multiple application modules belonging to the application layer 1530. The application framework 1521 is a framework module commonly used by applications in the application layer 1530. The network protocol stack 1523 is a module for realizing communication in accordance with various network protocols such as HTTP and TCP / IP. The standard print service 1522 is a service module that provides applications in the application layer 1530 with the functionality to use a printer 300 that supports the standard print service. Functions provided by the standard print service 1522 include, for example, a printing function to execute print jobs on the printer 300 and a scanning function to execute scan jobs. However, since the standard print service is provided by smartphone manufacturers and standard OS vendors, there may be limitations on specific settings and management related to printer models from individual manufacturers. 【0030】 The application layer 1530 is a group of applications that implement various functions of the smartphone 500. The applications installed on the smartphone 500 include those that are built-in from the time of product shipment and those that users can download and install later. In the example shown in Figure 5, these are shown as the first application 1531 and the second application 1532, but there are no restrictions on the number or type of applications that can be added, and users can add or delete them as needed. The custom print driver 1533 is a dedicated driver specific to the printer 300 model and provides the functionality to execute print and scan jobs to the corresponding printer 300. The custom print driver 1533 is installed and used by the user according to the model of the printer 300 they are using. In the example shown in Figure 5, the custom print driver 1533 is shown as being installed at the application layer, but it may also be installed at the middleware layer and operated in response to print job requests from the application. The web browser 1534 is an application module that connects to a web server via a network, retrieves web content, and displays it in a predetermined display area. The web browser 1534 may retrieve and display web content from the cloud server 200, or it may use the web server function of the printer 300 to retrieve and display remote UI content. 【0031】 Refer to Figure 6 to see an example of the remote UI screen for printer 300. Figure 6(a) shows an example of screen 4000 as an example of a remote UI screen, when the available functions are not restricted. Screen 4000 is displayed, for example, when password authentication is in progress, and corresponds to the entry page for the entire remote UI. Screen 4000 displays buttons 4001, 4002, and 4003, each with a link (e.g., hyperlink) to navigate to other pages. Button 4001 is for transitioning to the printer status display screen (not shown). Button 4002 is for transitioning to the printer operation settings screen (not shown). Button 4003 is for transitioning to the network connection settings screen (not shown). 【0032】 Figure 6(b) shows an example of a remote UI screen, specifically screen 4100, which has limited available functions. Screen 4100 is the entry page for the entire remote UI, displayed in place of screen 4000 shown in Figure 6(a) when, for example, password authentication is not performed or the password has not been changed from the factory default state. Hereafter, the state in which the password has not been changed from the factory default state will be referred to as the "initial state" for convenience. Screen 4100 displays a button 4101 with a link (e.g., a hyperlink) to navigate to other pages. Button 4101 is a button for transitioning to a printer status display screen (not shown). As can be seen by comparing it with screen 4000 shown in Figure 6(a), screen 4100 does not display buttons for transitioning to the printer operation settings screen or the network connection settings screen. In this way, the remote UI screen of printer 300 is configured so that a remote attacker cannot illegally change the printer operation settings or network connection settings when password authentication is not performed or when the password is left at its default setting. 【0033】 Figure 6(c) shows an example of the authentication screen 4200. The authentication screen 4200 is displayed, for example, when a request to access the remote UI is received without password authentication. The password field 4201 is a string input field for receiving the password to be used for authentication. In the example shown in Figure 6(c), the entered characters are converted to substitute characters (for example, symbols such as black circles) to prevent others from seeing the entered password by looking at the user's terminal. The OK button 4202 is a button for sending the authentication request with the entered password. The Cancel button 4203 is a button for canceling authentication and returning to restricted remote UI access. When the OK button 4202 is pressed with a password entered in the password field 4201, an authentication request is sent to the printer 300. Then, if the authentication request is permitted, the screen transitions from the authentication screen 4200 to the remote UI page that was originally requested. 【0034】 Figure 6(d) shows an example of the lockout screen 4400. The lockout screen 4400 is an example of a screen that is displayed when a request for access to a remote UI requiring authentication is accepted while locked out. The back button 4401 is a button to exit the lockout screen 4400 and return to restricted remote UI access. 【0035】 Referring to Figure 7, an example of the display screen of the printer 300's main control panel 305 will be described. Figure 7(a) shows an example of the home screen 5000. The home screen 5000 is displayed when the printer 300 is in standby mode and can receive instructions from the user regarding the execution of various functions. The home screen 5000 displays buttons 5001, 5002, and 5003 for receiving the selection of the function to be executed. When the copy button 5001 is pressed, the screen transitions to the screen for executing the copy function. When the scan button 5002 is pressed, the screen transitions to the screen for executing the scan function. When the settings button 5003 is pressed, the screen transitions to the settings menu screen 5100, which will be described later. 【0036】 Figure 7(b) shows an example of the settings menu screen 5100. The settings menu screen 5100 is displayed when the settings button 5003 is pressed on the home screen 5000. The settings menu screen 5100 displays buttons 5101, 5102, and 5103 for selecting the item to be configured. When the network settings button 5101 is pressed, the screen transitions to the settings screen for connecting the printer 300 to the network. When the print settings button 5102 is pressed, the screen transitions to the print settings screen for the printer 300, such as the paper size and paper type used for printing. When the password change button 5103 is pressed, the screen transitions to the password change screen 5200, which will be described later. 【0037】 Figure 7(c) shows examples of password change screens 5200, 5210, and 5220. The password change screen is displayed when a password is changed, and accepts input such as the old password and the new password. In this embodiment, because the display area of ​​the printer 300's operation panel 305 is limited, only one input item is accepted on each of the three screens. The Next buttons 5203 and 5213 are buttons to proceed to the next screen. The Back button 5202 on the first password change screen 5200 is a button to receive instructions to cancel the password change process. The Back buttons 5212 and 5222 on the second and subsequent password change screens 5210 and 5220 are buttons to proceed to the previous screen. The Settings button 5223 on the final password change screen 5220 is a button to receive instructions regarding the password change based on the entered information. The old password field 5201 is a string input field for receiving the password before the change. The new password field 5211 is a string input field for receiving the password after the change. The new password confirmation field 5311 is a string input field for receiving the password after the change. The characters constituting the specified password are entered into each field via a character input means (not shown). The character input means may be implemented as a hard key or as a soft keyboard displayed on the screen. The old password entered in the old password field 5201 is used to verify that the user attempting to change their password is a legitimate user. The new password entered in the new password confirmation field 5311 is used to verify that there are no input errors by confirming that it matches the string entered in the new password field 5211. 【0038】 Note that the example shown in Figure 7(c) illustrates a case where a password change is achieved by sequentially displaying three password change screens 5200, 5210, and 5220 and having the user enter both the old and new passwords. However, this does not limit the screen configuration of the password change screens. As a specific example, a screen configuration that accepts input of three old and new passwords on a single password change screen may also be applied. Furthermore, while Figure 7 illustrates an example where the password is changed via the main unit's control panel 305, it is also possible to configure the system so that the password is changed via a remote UI screen. 【0039】 Referring to Figure 8, an example of the printer 300's processing will be explained. The series of processes shown in Figure 8 are executed by the printer 300's CPU 311 when the printer 300 is powered on, and the loop processes indicated by S2001 and S2009 are repeatedly executed while the printer 300 is powered on. The contents of the loop processes will be explained in more detail below. 【0040】 In S2002, the CPU 311 of the printer 300 waits for an event to occur. Then, when the CPU 311 detects an event in S2002, it determines in S2003 what processing to execute next according to the type of event detected. 【0041】 If the CPU 311 detects an event in S2003 indicating that the power key on the control panel 305 has been pressed, it proceeds to S2004. In S2004, the CPU 311 transitions the power state of the printer 300 from the ON state to the OFF state. In this case, in S2009, the CPU 311 determines that the loop termination condition has been met, and therefore exits the loop and terminates the series of processes shown in Figure 8. That is, in this case, the printer 300 remains in a dormant state until the power state next transitions to the ON state. 【0042】 If the CPU 311 detects an event in S2003 indicating that the start key on the operation panel 305 has been pressed, it proceeds to S2005. In S2005, the CPU 311 starts the copy operation. However, if the start key is pressed while the display on the operation panel 305 has transitioned from the home screen 5000 to the scan execution screen or another screen, the CPU 311 starts the scan operation or other operation according to the state of the displayed screen. If CPU311 detects an event in S2003 indicating that a job has been received from an external source, it proceeds to S2006. In S2006, CPU311 executes processing according to the content of the received job. If CPU311 detects an event in S2003 indicating that it has received a remote UI request from an external source, it proceeds to S2007. In S2007, CPU311 executes the response processing for the received remote UI request. Details of this response processing will be described separately later. 【0043】 If the CPU 311 detects an event in S2003 indicating that an operation has been received on the operation panel 305, it proceeds to S2008. In S2008, the CPU 311 executes processing according to the received operation. For example, if an operation on the touch panel is received, the CPU 311 executes processing according to the touch coordinates. As a specific example, if the CPU 311 detects a touch on a button located on the home screen 5000, the settings menu screen 5100, or other screens, it may execute processing associated with that button (for example, transitioning to another screen, performing a predetermined action, etc.). As another example, if the CPU 311 receives an operation on an input field located on the password change screen 5200, 5210, 5220, or other screens, it may execute character input into the input field or editing the entered characters. If CPU311 detects any other events in S2003, it proceeds to S2009. In S2009, CPU311 executes the processing corresponding to the detected event. 【0044】 Referring to Figure 9, we will explain an example of printer 300 processing, focusing on the processing when a remote UI request is received. The series of processes shown in Figure 9 are executed as the S2007 process shown in Figure 8. That is, when an event of a remote UI request from the external device's web browser 1534 to the printer 300's web server module 1334 is detected, it is executed by the printer 300's CPU 311. 【0045】 In S2101, the CPU 311 of the printer 300 determines the type of remote UI request received and then executes the following processing according to the type of request. If CPU311 determines in S2101 that the request type is a remote UI page screen request, it proceeds to S2102. In S2102, CPU311 determines whether the terminal in question has been password authenticated or not. If CPU311 determines in S2102 that the terminal in question has already been password authenticated, it proceeds to S2103. In S2103, CPU311 sends the requested page screen to the requester. That is, if the requested page is the entry screen of the remote UI, the unrestricted remote UI screen 4000 is sent. On the other hand, if CPU311 determines in S2102 that the terminal in question has not been password authenticated, it proceeds to S2104. In S2104, CPU311 sends the authentication screen 4200 to the requester. 【0046】 If CPU311 determines in S2101 that the request type is a password authentication request, it proceeds to S2105. In S2105, the CPU 311 determines whether or not the system is in a lockout state. At this time, the CPU 311 determines that the system is in a lockout state if the lockout time measurement was started in the process of S2111 described later, and the acquired lockout time has not been reached. If CPU311 determines in S2105 that the system is in a lockout state, it proceeds to S2106. In S2106, CPU311 sends a lockout screen 4400 to the requester. 【0047】 If CPU311 determines in S2105 that the lockout state is not present, it proceeds to S2107. In S2107, the CPU 311 determines whether the password sent as an authentication request matches the password set for the printer 300. In this way, the CPU 311 performs authentication to confirm that the user is legitimate based on the above password. If CPU311 determines in S2107 that the password matches, it considers the password authenticated and proceeds to S2103. In this case, CPU311 sends the requested page screen to the requester in S2103. 【0048】 If CPU311 determines in S2107 that the password does not match, it considers the authentication to have failed and proceeds to S2108. In S2108, the CPU 311 determines whether the printer 300's password is in its initial state. That is, the CPU 311 determines whether the password has not been changed since the factory default. The method for determining whether the password has not been changed since the factory default is not particularly limited, as long as it is possible to do so. For example, whether or not a password change operation has been performed may be stored in a flag. In this case, the CPU 311 can determine that it is not in its initial state if the flag is set. Another example is that the CPU 311 may compare the password set at the factory default with the currently set password and determine that it is not in its initial state if they are different. 【0049】 If CPU311 determines in S2108 that the password for printer300 is not in its initial state, it proceeds to S2109. In S2109, CPU311 retrieves the lockout conditions set by the device administrator (hereinafter also referred to as administrator-set lockout conditions). Lockout conditions include conditions for the number of login attempts and conditions for the lockout time. If authentication fails consecutively and the number of login attempts reaches the limit, login operations will be restricted from that point until the lockout time has elapsed (for example, they may be prohibited or some operations may be restricted). As a specific example, if the lockout conditions are set to 3 login attempts and 5 minutes of lockout time, then if authentication fails 3 times in a row, login operations will be restricted for the next 5 minutes. For administrator-configured lockout conditions, a configuration that allows the device administrator to configure them via the network settings screen on the main control panel 305 or the network settings screen on the remote UI may be applied. Alternatively, a configuration may be applied in which the lockout operation does not occur when the number of login attempts is set to 0. The threshold for the number of login attempts specified as a lockout condition, i.e., the threshold for the number of login attempts used to determine the lockout condition, is an example of the first threshold. Furthermore, the threshold for the lockout time specified as a lockout condition, i.e., the threshold for the elapsed time during which login operations are restricted due to the lockout, is an example of the second threshold. 【0050】 If CPU 311 determines in S2108 that the password for printer 300 is in its initial state, it proceeds to S2110. In S2110, CPU 311 obtains the initial lockout conditions. Fixed values ​​are applied to the initial lockout conditions, for example, the number of lockout attempts is set to 3, and the lockout time is set to 30 minutes. In S2110, the CPU 311 may compare the initial lockout conditions with the administrator-configured lockout conditions and apply the stricter conditions (i.e., conditions that more restrict the acceptance of password input) as the lockout conditions. As a specific example, the CPU 311 may apply the smaller of the number of attempts for the initial lockout conditions and the number of attempts for the administrator-configured lockout conditions as the condition for the number of attempts in the lockout conditions. In addition, the CPU 311 may apply the longer of the lockout time for the initial lockout conditions and the lockout time for the administrator-configured lockout conditions as the condition for the lockout time in the lockout conditions. 【0051】 In S2111, CPU311 performs a lockout check based on the acquired lockout conditions, and if the lockout conditions are met, it starts measuring the acquired lockout time. 【0052】 By applying the above-described controls, it becomes possible to differentiate the lockout conditions depending on whether the password is in its initial state or not. As a specific example, if the password is in its initial state, it becomes possible to apply lockout conditions that more restrict the acceptance of password input. Note that the lockout conditions that differ depending on whether the password is in its initial state or not may be some of the conditions or a series of conditions. As a specific example, in the embodiment described above, it is sufficient to differentiate at least one of the number of lockout attempts and the lockout time depending on whether the password is in its initial state or not. This is expected to reduce the risk of unauthorized logins through brute-force attacks by controlling the system to apply stricter lockout conditions even when using an easily guessable initial password. 【0053】 <Second Embodiment> As a second embodiment of this disclosure, an example of restricting the application of initial lockout conditions during the initial setup of the device will be described. During the initial setup of the device, the probability of a first-time user making a password error may be higher due to unfamiliarity with the operation. Considering this situation, even if the initial password is used, controlling the lockout conditions so that they are not too strict during the initial setup can be expected to prevent first-time users from encountering difficulties during the initial setup. 【0054】 Referring to Figure 10, an example of the processing of the printer 300 according to this embodiment will be explained, with particular attention paid to the processing related to initial setup. The series of processes shown in Figure 10 are executed by the CPU 311 of the printer 300 when the power of the printer 300 is turned on, for example. 【0055】 In S2201, the CPU 311 of the printer 300 determines whether the initial setup is complete by checking the initial setup completion flag. The initial setup completion flag is information stored in non-volatile memory (not shown) located on the main board 310 of the printer 300. It is cleared when the device is manufactured and shipped, and set when the initial setup in the user environment is completed. In other words, as long as the initial setup flag is cleared, the printer 300 operates as if the initial setup process is in progress. 【0056】 If the CPU 311 determines in S2201 that the initial setup is not complete, it will perform various initial settings and adjustments via the control panel 305 screen or the remote UI screen through processing S2202 to S2207. In S2202, the CPU 311 receives a request from the user to specify the language to be displayed on the control panel 305. In S2203, CPU311 accepts the user's specification of the date and time settings. In S2204, CPU311 prompts the user to perform operations related to print head adjustment, prompts the user to install the paper and consumables to be used, and then accepts the user's specifications for the settings of said paper and consumables. In S2205, CPU311 activates the initial setup access point mode. The initial setup access point mode (hereinafter referred to as initial setup AP mode) is designed to simplify the wireless LAN connection setup. In initial setup AP mode, the printer 300 operates as a wireless LAN access point with a predetermined SSID, accepting connections from the initial setup application running on the smartphone 500 and sending and receiving network connection setting information. This control is applied to configure the printer 300's connection. Initial setup AP mode stops once the network connection setup is complete, but if the initial setup operation continues without network connection setup, it may continue to operate even after the initial setup is complete. When the printer 300 is operating in access point mode, connections to the printer 300 are limited to terminals located within the range of the printer 300's wireless LAN signal. Therefore, while initial setup AP mode is in operation, the connection range is limited compared to normal wireless LAN infrastructure mode connections or wired LAN connections, and security risks are kept relatively low. In S2206, CPU311 accepts password setting requests from the user. By changing the initial password to a different password before connecting to the network, the device can be operated with a password that is difficult to guess. In S2207, CPU311 receives network connection settings from the user. Network connection settings may include, for example, settings for connecting to a wireless LAN access point or settings related to connecting to cloud services on the internet. Once the initial setup process described in S2202 to S2207 is complete, CPU311 sets the initial setup completion flag in S2208. 【0057】 In S2209, the CPU 311 executes the normal startup process for the printer 300, as explained with reference to Figure 8. Furthermore, even if the CPU 311 determines in S2201 that the initial setup is complete, it proceeds to S2209, where it executes the normal startup process for the printer 300. Furthermore, various settings that are to be specified during the initial setup process may be subject to control so that they are not specified during the initial setup process. In this case, for example, after the initial setup is complete, the settings may be reconfigured or changed via the operation panel 305 or various screens of the remote UI. Furthermore, the sequence of initial setup procedures shown in Figure 10 is merely an example and may be modified as appropriate. 【0058】 Referring to Figure 11, an example of the processing performed by printer 300 upon receiving a remote UI request will be described. Note that in the example shown in Figure 11, the processing indicated by the same reference numerals as in the example shown in Figure 9 is essentially the same as in the example shown in Figure 9, so a detailed explanation will be omitted. 【0059】 CPU311 proceeds to S2301 if authentication fails in S2107 and the password is valid in S2108. In S2301, the CPU 311 determines whether the initial setup is complete or not. In this case, the CPU 311 only needs to determine that the initial setup is complete if the initial setup flag stored in the non-volatile memory is set. If CPU311 determines in S2301 that the initial setup is complete, it proceeds to S2302. In S2302, the CPU 311 determines whether the printer 300's wireless LAN is operating in initial setup AP mode. If CPU 311 determines in S2302 that the printer 300's wireless LAN is not operating in initial setup AP mode, it proceeds to S2110. In this case, CPU 311 obtains the initial lockout conditions in S2110 and performs a lockout determination in S2111 based on those initial lockout conditions. On the other hand, if the CPU 311 determines in S2301 that the initial setup is not complete, or if it determines in S2302 that the printer 300's wireless LAN is operating in initial setup AP mode, it terminates the series of processes shown in Figure 11. In this case, the lockout check shown as process S2111 is not performed. Furthermore, if it is determined in S2301 that the initial setup is not complete, or if it is determined in S2302 that the printer 300's wireless LAN is operating in initial setup AP mode, control may be applied that sets different lockout conditions. 【0060】 By applying the above controls, it becomes possible to prevent lockout operations from occurring during initial setup or when the printer 300 is operating in initial setup AP mode, even if the initial password remains in place, or to relax the lockout conditions. This reduces the risk of unauthorized logins when the initial password is still in use, while also preventing users from getting stuck during initial setup due to lockouts, especially during setup operations where the probability of input errors is higher due to unfamiliarity with the system. 【0061】 <Other Embodiments> The present invention can also be realized by supplying a program that implements one or more of the functions of the above-described embodiments to a system or device via a network or storage medium, and by having one or more processors in the computer of that system or device read and execute the program. It can also be realized by a circuit (e.g., an ASIC) that implements one or more functions. Furthermore, the configurations and processes described in the above embodiments are merely examples, and various modifications may be applied as long as they do not deviate from the basic concept of the technology relating to this disclosure described above. Furthermore, the scope of application of the technology according to one embodiment of this disclosure is not particularly limited. For example, although the above embodiment described an example where the target of lockout control is a printer, the technology according to this disclosure can be applied to any device having an authentication function, not limited to printers. Specifically, the technology according to this disclosure can be applied to, for example, photocopiers, facsimile machines, scanners, smartphones, PCs, tablet terminals, PDAs, digital cameras, music playback devices, televisions, smart speakers, robotic vacuum cleaners, automatic cooking pots, refrigerators, etc. In particular, devices that have functions that enable various operations by accessing them from the outside via a network, such as a remote UI, may be subject to the technology according to one embodiment of this disclosure. 【0062】 Furthermore, the disclosure of this embodiment includes the following configurations, methods, and programs. (Configuration 1) An information processing device comprising: an authentication processing means that performs authentication to confirm that a connection request from a terminal device via a network is from a legitimate user; and a restriction means that, when the number of failed authentications reaches a first threshold, restricts the execution of authentication until the elapsed time reaches a second threshold, wherein the restriction means causes at least one of the first threshold and the second threshold to differ depending on whether the password used for authentication is the same as the initial password set at the time of factory shipment. (Configuration 2) The information processing apparatus according to Configuration 1, wherein the limiting means is characterized in that when the password used for authentication is the same as the initial password, the first threshold is set to be fewer times than when the password is not the same as the initial password. (Configuration 3) The information processing apparatus according to Configuration 1 or 2, wherein the limiting means is characterized in that when the password used for authentication is the same as the initial password, a longer time is set as the second threshold compared to when the password is not the same as the initial password. (Configuration 4) The information processing device according to any one of Configurations 1 to 3, wherein the restricting means sets at least one of the first threshold and the second threshold in cases where the password used for authentication is not the same as the initial password, in accordance with instructions from the administrator. (Configuration 5) The information processing apparatus according to any one of Configurations 1 to 4, wherein the limiting means is characterized in that if the first threshold set by the administrator is less than the first threshold set when the password used for authentication is the same as the initial password, the first threshold set by the administrator is applied as the first threshold applied to determining the number of times authentication has failed, even if the password used for authentication is the same as the initial password. (Configuration 6) The information processing apparatus according to any one of Configurations 1 to 5, wherein the limiting means is characterized in that if the second threshold set by the administrator is longer than the second threshold set when the password used for authentication is the same as the initial password, the second threshold set by the administrator is applied as the second threshold applied to the determination of the elapsed time in the event of authentication failure, even if the password used for authentication is the same as the initial password. (Configuration 7) The information processing apparatus according to any one of Configurations 1 to 6, wherein the restricting means restricts the application of the control relating to the restriction of the execution of the authentication until the initial setup of the target device is completed. (Configuration 8) The information processing apparatus according to any one of Configurations 1 to 7, wherein the restricting means restricts the application of the control relating to the restriction of the execution of authentication when the target device is operating in access point mode as a wireless LAN access point. (Method 1) A method for controlling an information processing device, comprising: an authentication processing step of performing authentication to confirm that a connection request from a terminal device via a network is from a legitimate user; and a restriction step of restricting the execution of authentication until the elapsed time reaches a second threshold when the number of authentication failures reaches a first threshold, wherein the restriction step differs at least one of the first threshold and the second threshold depending on whether the password used for authentication is the same as the initial password set at the time of factory shipment. (Program 1) A program for causing a computer to function as an information processing device, comprising: authentication processing means for performing authentication to verify that a connection request from a terminal device via a network is from a legitimate user; and restriction means for restricting the execution of authentication until the elapsed time reaches a second threshold when the number of authentication failures reaches a first threshold, wherein the restriction means causes at least one of the first threshold and the second threshold to differ depending on whether the password used for authentication is the same as the initial password set at the factory. [Explanation of Symbols] 【0063】 100 Systems 300 printers 311 CPU 500 Smartphones

Claims

[Claim 1] Authentication processing means that performs authentication to verify that a connection request from a terminal device via a network is from a legitimate user, A limiting means that restricts the execution of authentication until the elapsed time reaches a second threshold when the number of authentication failures reaches a first threshold, It has, The restricting means causes at least one of the first threshold and the second threshold to differ depending on whether the password used for authentication is the same as the initial password set at the factory. An information processing device characterized by the following features. [Claim 2] The information processing apparatus according to claim 1, characterized in that the limiting means sets a first threshold number that is less than the number of times when the password used for authentication is the same as the initial password when the password is not the same as the initial password. [Claim 3] The information processing apparatus according to claim 1, characterized in that the limiting means sets a second threshold time that is longer than the time when the password used for authentication is the same as the initial password, when the password used for authentication is the same as the initial password. [Claim 4] The information processing apparatus according to claim 1, characterized in that the restricting means sets at least one of the first threshold and the second threshold in cases where the password used for authentication is not the same as the initial password, in accordance with instructions from the administrator. [Claim 5] The information processing apparatus according to claim 1, wherein the limiting means is characterized in that, if the first threshold set by the administrator is less than the first threshold set when the password used for authentication is the same as the initial password, the first threshold set by the administrator is applied as the first threshold applied to determining the number of times authentication has failed, even if the password used for authentication is the same as the initial password. [Claim 6] The information processing apparatus according to claim 1, wherein the limiting means is characterized in that, if the second threshold set by the administrator is longer than the second threshold set when the password used for authentication is the same as the initial password, the second threshold set by the administrator is applied as the second threshold applied to the determination of the elapsed time in the event of authentication failure, even if the password used for authentication is the same as the initial password. [Claim 7] The information processing apparatus according to claim 1, characterized in that the restricting means restricts the application of the control relating to the restriction of the execution of the authentication until the initial setup of the target device is completed. [Claim 8] The information processing apparatus according to claim 1, characterized in that the restricting means restricts the application of the control relating to the restriction of the execution of authentication when the target device is operating in access point mode as a wireless LAN access point. [Claim 9] A method for controlling an information processing device, An authentication process step that performs authentication to verify that the user is a legitimate user in response to a connection request from a terminal device over the network, A limiting step that restricts the execution of authentication until the elapsed time reaches a second threshold when the number of authentication failures reaches a first threshold, Includes, The restriction step causes at least one of the first threshold and the second threshold to differ depending on whether the password used for authentication is the same as the initial password set at the factory. A control method for an information processing device, characterized by the features described herein. [Claim 10] Computers, Authentication processing means that performs authentication to verify that a connection request from a terminal device via a network is from a legitimate user, A limiting means that restricts the execution of authentication until the elapsed time reaches a second threshold when the number of authentication failures reaches a first threshold, It has, The restricting means causes at least one of the first threshold and the second threshold to differ depending on whether the password used for authentication is the same as the initial password set at the factory. A program for causing an information processing device to function in a particular way.

Images