Logging In / System Access

From Charitylog Manual
Revision as of 10:02, 9 July 2024 by Alanconway (talk | contribs) (Single Stage Login)

PAGE UNDER CONSTRUCTION


Security Rules

The Security Rules tab shows security rules for your system.

Usernames

  • minimum length of usernames
  • minimum number of uppercase characters
  • minimum number of numeric characters

Failed logins

  • set a lockout period in minutes, after a number of failed login attempts
  • Require Administrator Reset After Failed Logins? - choose whether or not to lock out users until an administrator resets their account (after failed logins)

User Inactivity

Set the length of the countdown timer that operates to log users out automatically.

2 Factor Authentication

Choose whether or not to use 2 Factor Authentication. You will need to have the TextAnywhere service enabled, but you can also choose to authenticate user logins with an email instead of a text. Enable the option, then choose email or text.


Password Rules


The Password Rules tab contains system-wide settings relating to user passwords. On this screen you will see:

  • Do not allow the reuse of previous - It is recommended that this is set so that at least 10 previous passwords are denied.
  • Number of Days Before User Password Change Required - If set to zero then users will never be prompted to change their password. A typical time period is 60 days, which is around two months.
  • Minimum Password Strength

Charitylog has an in-built strength checker which can force users to create stronger passwords. It can look at commonly used words and the overall perceived strength of the chosen password. Users are then prevented from using a weak password, even though it may have met conventional rules about the number of characters used. The default option is set to Strong. We would recommend users are coached to choose a stronger password by combining random/memorable words into a single phrase. For example, the password Purplemonkeydishwasher is much easier to remember and stronger than Pa55w0rd. In short, length is strength: the longer the password is, the more secure it is. The password should be easy for the user to remember, but personal to them so that only they would know it.

If you have contractual requirements for specific password strength rules, you can click on the chevron which reveals the below options.

  • Minimum Length of User Passwords - This specifies the minimum length that a user's password can be. We would recommend at least seven to eight characters.
  • Minimum Number of Upper Case Characters In Password - It is recommended that you include at least one uppercase character.
  • Minimum Number of Non Alpha-numeric Characters (_:!&()?-@,.+) in Password - It is recommended that you include at least one special character.
  • Maximum Number of Identical Consecutive Characters In Password - Allowing identical consecutive characters can make a weak password. Example: aaaaaaa1
  • Allow User's System Username In Password - It is recommended to set this to "Do not Allow".
  • Allow User's Real Name In Password - It is recommended to set this to "Do not Allow".
  • Allow Organisation Name In Password - It is recommended to set this to "Do not Allow".
  • Allow Browser to Save Username and Password - It is recommended to set this to "Do not Allow".
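
The options above can be read as a set of composition checks. The sketch below is an added example, not Charitylog's own code: it evaluates candidate passwords against those options using the special-character set quoted in the option name. The field names, the run limit of 2, and the sample username, real name and organisation are all constructed assumptions.

```python
# Added illustration: NOT Charitylog code. Rule names mirror the options listed
# above; how Charitylog evaluates them internally is an assumption.
from dataclasses import dataclass
from itertools import groupby

SPECIALS = set("_:!&()?-@,.+")  # character set quoted in the option name above


@dataclass
class Policy:
    min_length: int = 8          # page recommends "at least seven to eight"
    min_upper: int = 1
    min_special: int = 1
    max_identical_run: int = 2   # constructed value; the page gives none
    allow_username: bool = False
    allow_real_name: bool = False
    allow_org_name: bool = False


def violations(pw: str, policy: Policy, username: str, real_name: str, org: str) -> list[str]:
    """Return the name of every rule the candidate password breaks."""
    out = []
    if len(pw) < policy.min_length:
        out.append("min_length")
    if sum(c.isupper() for c in pw) < policy.min_upper:
        out.append("min_upper")
    if sum(c in SPECIALS for c in pw) < policy.min_special:
        out.append("min_special")
    longest_run = max((len(list(g)) for _, g in groupby(pw)), default=0)
    if longest_run > policy.max_identical_run:
        out.append("max_identical_run")
    lowered = pw.lower()
    # Real names are checked word by word so a first or last name alone is caught.
    banned = [
        ("username", [username], policy.allow_username),
        ("real_name", real_name.split(), policy.allow_real_name),
        ("org_name", [org], policy.allow_org_name),
    ]
    for rule, words, allowed in banned:
        if not allowed and any(w and w.lower() in lowered for w in words):
            out.append(rule)
    return out


if __name__ == "__main__":
    # Constructed sample user and candidate passwords.
    for candidate in ["Pa55w0rd!", "Purplemonkeydishwasher", "aaaaaaa1", "Morgan2024!"]:
        print(candidate, violations(candidate, Policy(), "amorgan", "Alex Morgan", "Helpwell"))
```

With these settings the short password Pa55w0rd! breaks no composition rule while the long passphrase Purplemonkeydishwasher fails only on the special-character count, which is the gap between conventional rules and overall strength that the Minimum Password Strength setting addresses.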

Single Stage Login

Essentially, there are two options to consider when logging into your system. You can either present users with an organisation-wide username and password, or you can present them with a specific URL they can click on and simply enter their own username and password. To retain the conventional 2-stage login process, choose the option which says Using a two-step process.

If you wish to create a dedicated URL, choose the option which says Directly to this system, using a custom URL. You can then customise the URL or use the default provided. The URL will be provided underneath so you can copy and paste it.

Welcome Message

Organisation Password

External Links