*HTTPS Required enable the forcing of all users to HTTPS/SSL. For On-premise customers.
*HTTPS for Login enable the forcing of HTTPS/SSL when logging into the system. For On-premise customers
Login Session Timeout (minutes) set a number of minutes a users can stay logged into one session. The default is 2,880.
Disable Remember Username on Login disables the system from remembering logins.
Enable Auto Complete For The Password Form Value on The Login page enables auto-complete for the password form value. This may however be overwritten by the user's web browser.
Password Minimum Length enforces a minimum character length for passwords whenever a new password is entered for a new user or an existing password is changed.
Password Strength allows for a selection of password policy rules, such as "contains both uppercase and lowercase values."
Password Strength Error Message will automatically populate based on the selected password strength and allow for manual editing of the message the user will see.
Maximum Failed Login Attempts enables a user to be stopped from logging in following a certain number of incorrect login entries.
User Lockout Period (Minutes) defines the time period that the user attempting the failed login must wait before attempting to login again.
Password Expiration Period (Days) sets the number of days for password validity. Following the password expiration, the user must change their password. This expiration resets automatically whenever the user changes their password.
Previous Number of Passwords Excluded will track the entered number of passwords after it is turned on. The number entered includes the current password, so it must be a value of at least 1 if the users are not to be allowed to re-enter their current password. It will not start tracking the set number of passwords until after it is updated. If it is changed from 1 to 3, then the setting cannot be enforced until the user has updated their password another two times following the update.
Password Reset Link Expiration lets you set how long the reset link will be valid over email.
User Invite Link Expiration (Minutes) will force you to request a password reset link after the minutes specificied.
User Inactivity Auto Logout Minutes The number of minutes a user can be inactive before they are auto logged off the system (nothing or 0, disables auto logout)
Enable Browser Header Setting That Prevents External Content to Be Sourced Through an iFrame Helps protect your data by stopping other websites from loading this app inside a frame or embedded window.
Enable Browser Header Setting to Help Prevent Cross Site Scripting (XSS) Adds an extra layer of browser protection to help prevent malicious scripts from running in your browser while using this app.
Enable HSTS Header Security Ensures a secure connection by automatically using HTTPS every time you visit the site.
Comments
0 comments
Please sign in to leave a comment.