FIPS or more precisely Federal Information Processing Standards are set standards for document processing, encryption algorithms and other standards defined by the National Institute of Standards and Technology which are needed to be used for non-military government agencies and government contractors and vendors who work with the agencies. Microsoft recommends turning off this setting and even they don’t enable it by default.
Effect of FIPS on APPSeCONNECT
Even though FIPS does not have any direct effect on the sync operation, still APPSeCONNECT requires you to turn off the FIPS settings as we use secured hash algorithms for storing passwords that are not part of FIPS algorithm lists. You need to always turn off the FIPS settings if you wish to log in from the on-premise machine. The login is only required when you want to configure your on-premise agent for the first time after installation, to make sure the licenses are properly downloaded.
If FIPS is enabled in the system where you have installed your on-premise agent, an error will show up stating “FIPS is enabled in this machine, please disable it before login”.
This will disallow you to login into the agent, as you can see the Login button gets disabled even though the user id and password are wrong.
How to disable FIPS in Windows machine
- Go to Start -> Run.
- Type “gpedit.msc” without quotes.
- Open “Local Computer Policy” -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options.
- Find the policy called – “System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing as shown in the figure below.
- Open the settings and “Disable” it.
- Once this is done, re-login to the agent again.
You should successfully log in using your own login credentials.