Advanced Security Settings
Advanced Security Settings are provided to customize how the system handles session time outs, password creation, encryption, and other items for system users. These settings are only accessible by users with an Adminstrator Profile and may be used to change password policies, etc. within the system.
The following sections have been provided to aid in making changes to the Advanced Security Settings:
What are Advanced Security Settings?
Advanced security settings may be used to customize general security settings for users. This might include setting a specific required length for passwords, extending or decreasing the expiration period for passwords or restricting access to specific IP addresses.
The default values for these settings consist of:
- Minimum Password Length - 8 Characters
- Password Must Contain - At Least One Character
- Idle Web Session Timeout - 2 hours
- Network Restrictions - Access Permitted to any IP Address
For example, maybe you want to decrease the time period for idle web sessions time out to 30 minutes. This can be done in the Advanced Security Settings.
What Settings Are Available?
The following advanced security options are provided to Administrators of Wordbee Translator:
Option | Description |
---|---|
Password Policy | Change the minimum required length, minimum number of non-characters, and password expiration time period for users. |
User sessions and data encryption | Set secure user sessions with data encryption and choose whether Multi-Factor Authentication (MFA) is required. |
Network Restrictions | Enter IP Addresses or an IP Address Range for restricting access to the platform. |
Please note that only the Administrator will be able to access these settings and make changes.
How to Access these Settings
To access these settings, click on Settings in the upper right corner of the screen. Scroll down to the Accounts and Security Section and then click on Configure to the right of the Advanced Security Settings option.
Configuring Advanced Security Settings
Click on Edit in the upper right corner of the screen to make changes.
Please note that only the Administrator will be able to access these settings and make changes.
Password Policy
The Password Policy section may be used to change the minimum length of passwords, configure the required number of non-letter characters for passwords, and to set an expiration period (10, 20, 30 days, etc.) for password changes. To change the minimum length or number of non-letter characters, use the arrows to increase or decrease the value (or click and type).
By default, passwords do not expire in the system. To change this, click on the drop-down menu next to Password Expiration and then select the desired time period for passwords to expire. After this time period has passed, users will be prompted to enter a new password before accessing the system.
User sessions and data encryption
By default, the Idle Web Session Timeout setting is set to 2 hours. This means that users will be logged out of the system after the session has experienced no activity for 2 hours.
This can be changed by clicking on the provided drop-down menu and choosing a different setting such as 1 hour, 30 minutes, etc. For the highest security, 30 minutes is best.
Multi-Factor Authentication (MFA)
Configure Multi-Factor Authentication (MFA) to enhance account security. Choose whether to disable MFA, enforce it for all or some users, or allow users to enable it optionally.
Configuration Options:
- Disabled: MFA is not enabled, and users can access the system with only their user name and password.
- Enforce MFA (all users): MFA is mandatory for all users, including administrators. No user can access the system without being verified through MFA.
- Enforce MFA (non-SSO users): Only users logging in directly with user name and password will be required to authenticate via MFA. Users logging in via SSO (Single Sign-On) will be excluded from the MFA requirement.
- Enabled (optional): Admins can allow users to choose whether they want to enable MFA, providing flexibility for teams with different security needs.
Network Restrictions
The Network Restrictions section may be used to enter one or multiple IP Addresses or an IP Address Range for restricting access to your platform. Any user who does not have a compatible IP Address will not be allowed to log in.
To enter an IP Address Range, use the following format: 132.23.40.10 - 132.28.90.200. If you will be entering more than on individual IP Address, then they should be placed on seperate lines within this entry field. Your current IP Address is also shown at the bottom of this configuration section.
Save Your Changes
After all desired changes have been made, you will need to save the Advanced Security Settings configuration. To do so, click on Save in the upper right hand corner of the screen. To exit without saving your changes, click on Cancel.