|
|||||
|
|
|
|
|
|
|
 |
|
||
 | |  |
|
Company > Settings > Security options 1. Click on the "Company" tab. 2. Click on the "Settings" tab. 3. Scroll down to the "Security Options" section and select a time for the session timeout (options are: Off, 5, 10, 15, 30, or 45 minutes, and 1 hour). If the page in the account currently being viewed by the user has not changed in the time specified, the user will be logged out of the account. 4. User lock-out: Choose the number of consecutive unsuccessful login attempts to permit before locking out a user. This defaults to "Unlimited." Once a user is locked out, (s)he will not be able to log in even with the correct ID/Password combination until the administrator unlocks the user. To unlock a user, an account administrator must go to the Account>User screen, check the "run an action" box next to the user's name, click on the "run" (circular arrows) icon, make sure the "Unlock the selected users" button is clicked and click "OK." (If the check box does not appear on the screen, click the "customize" link at the bottom of the page, highlight "Run an action" in the "Available Items" list, click the green "add highlighted items" button, then click OK.) 5. Check the "Notify account administrators on user lockout" box to notify all account administrators when a user is locked out. All adminstrators will receive an email alert after the user's first unsuccessful consecutive attempt above the limit. Subsequent attempts will not generate additional emails. 6. Choose between allowing and disabling URL sharing. If you disable URL sharing, users cannot, for example, copy the URL of a page in the account into a different browser, and be able to view the page and have access to the account from this new browser without having logged in. 7. Choose between having SSL encryption on "Selectively" or "All the time." SSL encrypts the communication between your browser and the OpenAir.com server. It can also slow down your session, especially on older browsers and machines. We offer two levels of encryption so you can choose what level of security you want: Selectively: This option dynamically turns on SSL for pages that contain very confidential data such as credit card and password information. The rest of the pages will not be SSL encrypted to provide maximum viewing speed. All the time: Select this option if you want SSL encryption turned on all the time for maximum security. Note: This is the default setting. 8. Scroll to the "Password Options" section. Password expiration: Select whether passwords expire and if so, on what schedule (1 week/15 days/1 month/2 months/3 months/6 months/1 year) 9a. Set a Minimum password length, if desired. 9b. Other password requirements: Check options to require Password to contain both alpha and numeric characters, to be different from user ID, and/or to force user to change an invalid password on login. Requirements in 9a and 9b will only affect new passwords, either for new users or for current users who change their password, unless you also enable the option to force the user to change an invalid password. 10. Click on the "Save" button at the bottom of the screen. |
|
|