The Security page allows the Administrator to manage many aspects of your site including Password requirements, Username requirements, Multi-Factor requirements, Login Attempts, IP Address settings, and Session Timeout settings.
Table of Contents
- Username Management
- Password Complexity
- Password Management
- Multi-Factor Authentication
- Login Attempts
- IP Address Restrictions
- Session TimeOut
- Log into the Admin Console.
- Select the Security tab at the top of the screen.
Username Management
- This section allows Admins to increase the complexity of Usernames.
- They can adjust the minimum character length requirement.
- They can also require Usernames to be alphanumeric.
Password Complexity
- This section allows Admins to increase the complexity of passwords with a combination of options.
- Require passwords to have a mix of upper and lowercase letters.
- Require passwords to be alphanumeric.
- Require passwords to include special characters.
- Prevent passwords from including the Username or the User's full name.
- Prevent passwords from beginning or ending with numbers.
Password Management
- This section allows Admins to further customize password requirements.
- Adjust the minimum password length.
- Set when you'd like password to expire, thus requiring Users to create new passwords.
- Prevent Users from creating a password that they have used in the past.
- Allow specific Users to bypass the expiration limit. (This is useful for Users that are accessed by automated services.)
- Prevent passwords from being changed until a certain amount of time has passed. (This setting will affect super Admins. A Super Admin will be able to override this setting and reset or change anyone's password including their own.)
- Set the number of invalid password attempts before an account is locked.
- Enable the Forgot Password recovery option on the User Portal.
Multi-Factor Authentication
- This section allows Admins to enable Multi-Factor Authentication on your site.
- When enabled, you will sign into your account with your Username and password. Then, as a second factor, the system will generate a one-time code that you enter on the next screen. This code will be delivered to you via Email, SMS, or Phone. Once this code has been entered, you will gain access to your account.
- To learn more about this section, we have an entire list of in-depth support articles located here.
Login Attempts
- This section allows Admins to restrict the number of User Login Attempts (successfully or not) per day.
IP Address Restrictions
- This section allows Admins to restrict access to the site based on the IP address.
- Only those Login Attempts originating from IPs which are in the "Allow Entry" IP Address list will be permitted to access the site.
- Attempts from any other IPs will be denied access.
- This only applies to the User Portal, API/Mobile, and the Sync App. It does not apply to FTPS, WebDAV and SFTP connections.
- This section allows Admins to adjust the inactive session timeout settings.
- This applies to both the User Portal and Administration Console.
- Adjust the setting from as low as 5 minutes to as high as 24 hours.
- For a video tutorial on this feature, click here.
Still Have Questions?
If you need help or have additional questions, please contact us.
0 Comments