Advanced Security Settings are provided to customize how the system handles session time outs, password creation, encryption, and other items for system users. These settings are only accessible by users with an Adminstrator Profile and may be used to change password policies, etc. within the system.
The following sections have been provided to aid in making changes to the Advanced Security Settings:
What are Advanced Security Settings?
Advanced security settings may be used to customize general security settings for users. This might include setting a specific required length for passwords, extended or decreasing the expiration period for passwords, enabling SSL encryption, or restricting access to specific IP addresses.
The default values for these settings consist of:
- Minimum Password Length - 8 Characters
- Password Must Contain - At Least One Character
- SSL Encryption - Disabled
- Idle Web Session Timeout - 2 hours
- Network Restrictions - Access Permitted to any IP Address
For example, maybe you want to enable SSL encryption for all pages and users as well as decrease the time period for idle web session time out to 30 minutes. This can be done in the Advanced Security Settings.
What Settings Are Available?
The following advanced security options are provided to Administrators of Wordbee Translator:
Option | Description |
---|---|
Password Policy | Change the minimum required length, minium number of non-characters, and password expiration time period for users. |
User Sessions and Data Encryption | Enable SSL Encryption for all pages & users and change the default session timeout period. **If enabling SSL encryption, please note that this will result in a slower page load time. |
Network Restrictions | Enter IP Addresses or an IP Address Range for restricting access to the platform. |
Please note that only the Administrator will be able to access these settings and make changes.
How to Access these Settings
To access these settings, click on Settings in the upper right corner of the screen.
Scroll down to the Accounts and Security Section and then click on Configure to the right of the Advanced Security Settings option.
Configuring Advanced Security Settings
Click on Edit in the upper right corner of the screen to make changes.
Please note that only the Administrator will be able to access these settings and make changes.
Password Policy
The Password Policy section may be used to change the minimum length of passwords, configure the required number of non-letter characters for passwords, and to set an expiration period (10, 20, 30 days, etc.) for password changes. To change the minimum length or number of non-letter characters, use the arrows to increase or decrease the value (or click and type).
By default, passwords do not expire in the system. To change this, click on the drop-down menu next to Password Expiration and then select the desired time period for passwords to expire. After this time period has passed, users will be prompted to enter a new password before accessing the system.
User Sessions and Data Encryption
The User Sessions and Data Encryption section may be used to enable SSL encryption for all pages and to set a default idle web session time out.
If SSL encryption is enabled (disabled by default), then please note that this could cause page loads to be a little slower. This change will apply to all users logging into the system. To enable this option, simply tick the box next to Enforce.
This change does not take effect for users until their next login into the system. If they are currently logged in, they will need to log out and then log back in for SSL encryption to begin.
If you do not want to encrypt for all pages for all users, then leave this option unticked. Individual users will be given the option to use SSL encryption on the login page. All they need to do is tick the option titled Secure Connection for all Pages (https).
By default, the Idle Web Session Timeout setting is set to 2 hours. This means that users will be logged out of the system after the session has experienced no activity for 2 hours.
This can be changed by clicking on the provided drop-down menu and choosing a different setting such as 1 hour, 30 minutes, etc. For the highest security, 30 minutes is best.
Network Restrictions
The Network Restrictions section may be used to enter one or multiple IP Addresses or an IP Address Range for restricting access to your platform. Any user who does not have a compatible IP Address will not be allowed to log in.
To enter an IP Address Range, use the following format: 132.23.40.10 - 132.28.90.200. If you will be entering more than on individual IP Address, then they should be placed on seperate lines within this entry field. Your current IP Address is also shown at the bottom of this configuration section.
Save Your Changes
After all desired changes have been made, you will need to save the Advanced Security Settings configuration. To do so, click on Save in the upper right hand corner of the screen. To exit without saving your changes, click on Cancel.