...
The following sections have been provided to aid in making changes to the Advanced Security Settings:
| Table of Contents |
|---|
What are Advanced Security Settings?
Advanced security settings may be used to customize general security settings for users. This might include setting a specific required length for passwords, extended extending or decreasing the expiration period for passwords , enabling SSL encryption, or restricting access to specific IP addresses.
...
- Minimum Password Length - 8 Characters
- Password Must Contain - At Least One Character
- SSL Encryption - Disabled
- Idle Web Session Timeout - 2 hours
- Network Restrictions - Access Permitted to any IP Address
For example, maybe you want to enable SSL encryption for all pages and users as well as decrease the time period for idle web session sessions time out to 30 minutes. This can be done in the Advanced Security Settings.
What Settings Are Available?
...
| Option | Description | ||
|---|---|---|---|
| Password Policy | Change the minimum required length, minium minimum number of non-characters, and password expiration time period for users. | User Sessions and Data Encryption | Enable SSL Encryption for all pages & users and change the default session timeout period. **If enabling SSL encryption, please note that this will result in a slower page load time. |
| Network Restrictions | Enter IP Addresses or an IP Address Range for restricting access to the platform. |
...
| Warning |
|---|
Please note that only the Administrator will be able to access these settings and make changes. |
How to Access these Settings
To access these settings, click on Settings in the upper right corner of the screen.
Scroll Scroll down to the Accounts and Security Section and then click on Configure to the right of the Advanced Security Settings option.
Configuring Advanced Security Settings
...
| Warning |
|---|
Please note that only the Administrator will be able to access these settings and make changes. |
...
Password Policy
The Password Policy section may be used to change the minimum length of passwords, configure the required number of non-letter characters for passwords, and to set an expiration period (10, 20, 30 days, etc.) for password changes. To change the minimum length or number of non-letter characters, use the arrows to increase or decrease the value (or click and type).
...
By default, passwords do not expire in the system. To change this, click on the drop-down menu next to Password Expiration and then select the desired time period for passwords to expire. After this time period has passed, users will be prompted to enter a new password before accessing the system.
User Sessions and Data Encryption
The User Sessions and Data Encryption section may be used to enable SSL encryption for all pages and to set a default idle web session time out.
If SSL encryption is enabled (disabled by default), then please note that this could cause page loads to be a little slower. This change will apply to all users logging into the system. To enable this option, simply tick the box next to Enforce.
| Note |
|---|
This change does not take effect for users until their next login into the system. If they are currently logged in, they will need to log out and then log back in for SSL encryption to begin. |
If you do not want to encrypt for all pages for all users, then leave this option unticked. Individual users will be given the option to use SSL encryption on the login page. All they need to do is tick the option titled Secure Connection for all Pages (https).
By default, the Idle Web Session Timeout setting is set to 2 hours. This means that users will be logged out of the system after the session has experienced no activity for 2 hours.
...