10.2.7. Security

This section explains about the security measures regarding the policies and passwords

10.2.7.1. User Security

Manage the user’s security features here. You can manage the session time-out. Password Attempts and Login using 2-step verification.

  1. Enable 2-factor authentication: Here, an OTP would be received on the registered email-id for the login.

  2. Lock User Account: This Flag will lock the portal in case of more than 3 wrong Attempts. The number of attempts can be configured.

  3. Session Timeout: This flag allows the configuration of the Session Idle and Timeout time.

Asset

User Security

10.2.7.2. Password Policy

Manage the password policy as a preventative measure to keep the threats off the bay. You can choose to make it simple if the system is hosted in a private domain. Or you can make it complicated if you have not much control over the users.

For configuring the password policy, Go to Admin >> Users >> Password Policy

  1. Password Length: Set the length of the password as desired

  2. Have Special characters: Enable this flag if you wish to include special characters in the password

  3. Have Alphabet: Enable this flag if you wish to include alphabet in the password

  4. Have Mixed Case: Enable this flag if you wish to include mixed characters in the password

  5. Do not allow users to use previous password: Enable this flag if you don’t wish to use the same password again

  6. Password Expiry: You can select the time duration of when should the password expire. Available options are : 15/30/60/90 Days

Asset

Password policy

10.2.7.3. Configuration Audit

This page shows the audit logs for each Configuration in the system

Asset

Configuration Audit

  • Here you can Refresh the Page for viewing new updates if any.

  • Filter option is also Available for fewer parameters like IP Address, Date, User or Event

Asset

Configuration Audit

  • You can also download the audit logs in form of pdf or excel

Asset

Configuration Audit