FIPS Compliance

Owned by Phillip Hanegan
Last updated: Sept 12, 2024
1 min read

EmpowerID supports FIPS (Federal Information Processing Standards) compliance, which is required for organizations that must meet the higher cryptographic standards established by the U.S. government. FIPS compliance ensures that systems use approved cryptographic algorithms.

To enable FIPS compliance in EmpowerID, you must configure the system by adding a specific registry key. The following steps outline how to enable this setting.

Procedure

  1. Open the Registry Editor:

    • Navigate to HKEY_LOCAL_MACHINE/SOFTWARE/TheDotNetFactory/EmpowerID.

  2. Create a New String Value:

    • Right-click the EmpowerID key, select New > String Value from the context menu.

    • Name the new value FIPSEnabled.

  3. Set the Value:

    • Set the FIPSEnabled value to true.

  4. Restart the EmpowerID Web Role Windows Service:

    • Restart the service for the changes to take effect.

Error Handling

If you are working in a FIPS-compliant environment and do not enable this setting, any attempt to run EmpowerID workflows will result in the following error message:

“This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.”

If you encounter this error, verify that the FIPSEnabled key is correctly set to true in the registry.