Enabling FIPS in Cisco Unity Connection prevents a touchtone
conversation user from signing in to play or send voice messages or to change
user settings if both of the following options are true:
- The user was created in
Cisco Unity 5.x or earlier, and migrated to Connection.
- The Unity Connection user
still has a voicemail PIN that was assigned in Cisco Unity 5.x or earlier.
A touchtone
conversation user signs in by entering an ID (usually the user's extension) and
a voicemail PIN. The ID and PIN are assigned when the user is created. Either
an administrator or the user can change the PIN. To prevent administrators from
accessing PINs in Connection Administration, PINs are hashed. In Cisco Unity
5.x and earlier, Cisco Unity hashed the PIN by using an MD5 hashing algorithm,
which is not FIPS compliant. In Cisco Unity 7.x and later, and in Unity
Connection, the PIN is hashed by using an SHA-1 algorithm, which is much harder
to decrypt and is FIPS compliant.