Security Settings

User Access Settings

Password Complexity

Use this setting to define the password policy you want to enforce for all user passwords in the system. The value of this setting is defined as a regular expression. You can test a password after defining the regular expression. You can also change the message that is shown to users when their passwords do not comply with the password policy. If you do not wish to enforce a policy, you can delete the value of this setting.

  • Access Level: Partition settings

  • Default value: Simple

  • Value options:

    • Simple: A password that is 8 to 64 characters long.

    • Strong: A password that is 8 to 64 characters long. The password must include three of the four character types listed here: lowercase, uppercase, numbers, or symbols.

    • Custom: This option allows configuring a custom password length. It also allows accepting number-only passwords (PINs). Upon selecting this option, the following fields become available for password complexity.

Character Set

  • Value options:

    • Numbers only: Allows digits only (0-9) while entering a password.

    • All: Allows any letter, number, or symbol.

Minimum Length

  • Default value: 8

  • Minimum: 4

  • Maximum: No greater than the Maximum length.

Maximum Length

  • Default value: 64

  • Minimum: Greater than or equal to the Minimum length.

  • Maximum: 64

Character Classes Required

  • Value options:

    • Must contain any 2 of the following uppercase, lowercase, numbers, symbol: Ensures the password contains at least two character types. For example, a number (0-9) and a lowercase character.

    • Must contain any 3 of the following uppercase, lowercase, numbers, symbol: Ensures the password contains at least three character types. For example, a number (0-9), a lowercase character and a symbol ( @ # $ % ^ & * - _ = + [ ] { } \ | : ; ( ) , ' / ? ' ` ~ " . ).

    • Must contain any 4 of the following uppercase, lowercase, numbers, symbol: Ensures the password contains all character types.
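
The Custom fields above (Character Set, Minimum Length, Maximum Length, Character Classes Required) can be modelled as a small checker. This is an added example, not the product's own code: the names CustomPolicy, config_errors, classes_present and check_password are hypothetical, the symbol set is the list quoted in the "any 3" option, and ignoring Character Classes Required for a numbers-only policy is an assumption.

```python
import string
from dataclasses import dataclass

# Symbol list copied from the "any 3 of the following" option above.
SYMBOLS = set("@#$%^&*-_=+[]{}\\|:;(),'/?`~\".")
CLASSES = {
    "uppercase": set(string.ascii_uppercase),
    "lowercase": set(string.ascii_lowercase),
    "numbers": set(string.digits),
    "symbol": SYMBOLS,
}

@dataclass
class CustomPolicy:
    charset: str = "all"        # "all" or "numbers" (Character Set)
    min_length: int = 8         # page default
    max_length: int = 64        # page default
    classes_required: int = 2   # 2, 3 or 4; assumption: ignored for "numbers"

    def config_errors(self):
        """Return the documented range rules this configuration breaks."""
        errors = []
        if self.min_length < 4:
            errors.append("minimum length below 4")
        if self.max_length > 64:
            errors.append("maximum length above 64")
        if self.min_length > self.max_length:
            errors.append("minimum length exceeds maximum length")
        if self.classes_required not in (2, 3, 4):
            errors.append("classes required must be 2, 3 or 4")
        return errors

def classes_present(password):
    """Names of the four character types that occur in the password."""
    return {name for name, chars in CLASSES.items() if chars & set(password)}

def check_password(password, policy):
    """Return the reasons the password fails; an empty list means it complies."""
    problems = []
    if not policy.min_length <= len(password) <= policy.max_length:
        problems.append(f"length must be {policy.min_length}-{policy.max_length}")
    if policy.charset == "numbers":
        if not (password.isascii() and password.isdigit()):
            problems.append("digits 0-9 only")
        return problems
    found = classes_present(password)
    if len(found) < policy.classes_required:
        problems.append(f"only {len(found)} of {policy.classes_required} required character types")
    return problems
```

Running config_errors before saving a policy catches a minimum below 4, a maximum above 64, or a minimum greater than the maximum, which are the limits listed under Minimum Length and Maximum Length.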

User name validation Required

  • Default value: Yes

  • Value options: Yes, No 

Allow Users to Change Password

Use this setting to determine if users should be allowed to change their password from the Password tab in the Options window available in the user consoles.

  • Access level: Partition settings

  • Default value: Yes

  • Value options: Yes, No

Password Lifetime

The setting determines the period of time (in days) that a password can be used before the system requires the user to change it. 

Minimum password age

The minimum password age must be less than the maximum password age unless the maximum password age is set to 0 (never expire).

  • Access level: Partition settings 

  • Default value: 1

  • Minimum: 0

  • Maximum: 998

Maximum password age

To specify that passwords never expire, set the number of days to 0. If the maximum password age is set to 0, minimum password age can be any value between 0 and 998 days.

  • Access level: Partition settings 

  • Default value: 1

  • Minimum: 0

  • Maximum: 999

Expiry warning (days)

Expiry warning messages are displayed on the sign-in screen. During the warning period, the following message is displayed: "Your password will expire in {n} days." After the password has expired, the following message is displayed: "Your password has expired and must be changed".

  • Access level: Partition settings 

  • Default value: 7

  • Minimum: 1

  • Maximum: 30

Maximum Passwords Changes Per Day

Use this setting to determine the number of times a user's password can be changed within a single 24-hour period.

  • Access level: Partition settings 

  • Default value: 3

  • Minimum: 1

  • Maximum: 12

Account Lockout

Use these settings to lock out bad actors that attempt to guess user passwords or use brute-force methods to gain access to the application. This setting can recognize sign-in attempts that come from valid users and treat them differently than attempts from attackers and other unknown sources, thus locking out attackers and allowing authenticated users the appropriate access.

Entering the same password repeatedly does not count as multiple unsuccessful logins. The accounts are locked based on the IP of the request and the passwords entered. The lockout counter resets to zero after a successful login when the account is not locked.

Lockout Threshold

After a password is unsuccessfully used the number of times specified here, the account is locked for the time specified in the Lockout Threshold Duration setting. This continues for the first 10 attempts. After the first 10 attempts, the next lockout periods are slightly longer and increase in duration after every 10 lockout periods.

  • Access level: Partition settings

  • Default value: 10

  • Minimum: 1

  • Maximum:

Lockout Threshold Duration (seconds)

After a password is unsuccessfully used the number of times specified in the Lockout Threshold setting, the account is locked for the time specified (in seconds) here.

  • Access level: Partition settings

  • Default value: 60

  • Minimum: 1

  • Maximum: —
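
The counting rules described under Account Lockout (repeats of the same wrong password count once, counting is tied to the request IP, a successful sign-in resets the counter) can be modelled as follows. This is an added example, not the product's implementation: LockoutTracker and its methods are hypothetical names, keying the counter by (user, IP) and restarting the count after a lockout are assumptions, and the longer lockout periods after the first 10 are left out because the page gives no figures for them.

```python
import hashlib
import hmac
import os

class LockoutTracker:
    def __init__(self, threshold=10, duration=60):   # page defaults
        self.threshold = threshold
        self.duration = duration                     # seconds
        self._key = os.urandom(32)   # keys the digests of failed passwords
        self._failed = {}            # (user, ip) -> set of password digests
        self._locked_until = {}      # (user, ip) -> time the lock ends

    def _digest(self, password):
        # Keep a keyed digest, never the guessed password itself.
        return hmac.new(self._key, password.encode(), hashlib.sha256).digest()

    def attempt(self, user, ip, password, password_ok, now):
        """Record one sign-in attempt; return 'ok', 'failed' or 'locked'."""
        key = (user, ip)
        if now < self._locked_until.get(key, 0):
            return "locked"                  # refused even if the password is right
        if password_ok:
            self._failed.pop(key, None)      # counter resets on success when not locked
            return "ok"
        seen = self._failed.setdefault(key, set())
        seen.add(self._digest(password))     # a repeated wrong password adds nothing
        if len(seen) >= self.threshold:
            self._locked_until[key] = now + self.duration
            seen.clear()                     # assumption: counting restarts after a lockout
            return "locked"
        return "failed"

    def failures(self, user, ip):
        """Distinct wrong passwords currently counted for this user and IP."""
        return len(self._failed.get((user, ip), ()))
```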

Idle User (Minutes)

Use this setting to specify the number of minutes of user inactivity that is allowed to pass before the user is automatically signed out of the application.

  • Access level: Partition settings 

  • Default value: 15

  • Minimum: 5

  • Maximum: 30

Auto Disable Users (Days)

Use this setting to specify the number of days allowed to pass before an inactive user's account is automatically disabled. The setting timer is reset if the user signs into the application within the specified amount of time.

  • Access level: Partition settings 

  • Default value: 60

  • Minimum: 1

  • Maximum: 1095

Common Security Settings

Customer Departmentalization

Use this setting to decide if customers should be shared across departments. Enable this setting if you do not want to share customer history and customer information across departments.

This setting can only be changed while there is one department in the partition. As soon as the second department is created in the partition, the setting becomes disabled and cannot be changed.

  • Access Level: Partition settings

  • Default value: No

  • Value options: No, Yes

Department Security Settings

The following settings can be configured at the department level. For more information about each setting, see General Department Settings.

  1. Login Name Minimum Length

  2. Display a Warning Message to Agents for PCI Compliance