Configure a log on option.
Login settings ensure a secure and reliable user log-on authentication experience.
As an administrator, you can configure the following:
Password policies
Two-factor authentication
As an administrator, you can do the following:
Configure how to receive the two-authentication factor.
Block a user's access after a specified number of incorrect login attempts to protect user accounts from unauthorized access and potential security breaches.
Require that the user's account password be reset if it was blocked.
Follow these steps to view the Log-In Options tab settings:
Ensure that you are logged on to ProcessMaker Platform.
Click the Admin option from the top menu. The Users page displays.
From the Settings panel on the left, expand the Log-in & Auth section.
Select Log-In Options to view the following details:
Setting: The Setting column displays the Log-In Options Setting name.
Configuration: The Configuration column displays the setting value and how it is configured.
Configure the following Log-In Options tab settings as necessary:
Enable users to change their passwords.
Follow these steps to enable a user to change their password:
Enable the Password Set By User toggle key. The following message displays: The setting was updated. When this setting is enabled, users are able to change their passwords when editing their user profile.
If this setting is toggled off, users won't have the option to update their password while editing their user profile.
Note: This setting applies to all users except Super Admins. Users with Super Admin permissions will always have the ability to change passwords.
Enable at least one numeric character for user passwords.
Follow these steps to enable numeric characters:
Enable the Numeric Characters toggle key. The following message displays: The setting was updated.
Enable at least one uppercase character for user passwords.
Follow these steps to enable uppercase characters:
Enable the Uppercase Characters toggle key. The following message displays: The setting was updated.
Enable at least one special character for user passwords.
Follow these steps to enable special characters:
Enable the Special Characters toggle key. The following message displays: The setting was updated.
Set the maximum length of password characters.
Follow these steps to set the maximum length:
In the setting, enter a maximum number of characters for the password.
Click Save. The following message displays: The setting was updated.
Set the minimum length of password characters.
Follow these steps to set the minimum length:
In the setting, enter a maximum number of characters for the password.
Click Save. The following message displays: The setting was updated.
Set in how many days the password expires.
Follow these steps to set the password expiration:
In the setting, enter several days when the password expires.
Click Save. The following message displays: The setting was updated.
Set the number of consecutive unsuccessful login attempts before blocking the login action momentarily.
Follow these steps to set the password expiration:
In the setting, enter a number of consecutive unsuccessful login attempts before blocking the login action momentarily.
Click Save. The following message displays: The setting was updated.
Enhance login security by enabling two-step authentication for user verification.
Two-step authentication must also be enabled in group-level settings.
SSO and Two-Step Authentication
If SSO is enabled, the Two-Step Authentication setting is bypassed for SSO users, allowing them to log in without it.
Non-SSO users must still enter two-step verification codes to log in.
Follow these steps to set up two-step authentication:
Enable the Require Two Step Authentication toggle key. The following message displays: The setting was updated.
Choose an authentication method for sending two-step verification codes.
Follow these steps to set a two-step authentication method:
Select one or more authentication methods as follows:
Select By email to send the code to your account email. An email address must be configured in user properties.
Select By message to phone number to send the code to your account phone number. A phone number must be configured in user properties.
Select Authenticator App to send the code to an authenticator app such as Google Authenticator.
Click Save. The following message displays: The setting was updated.
Click the Settings icon from the left sidebar to view all settings.
Click the Search icon or press enter to view Log-In Options settings that match your entered text.
Click the Edit icon for the Maximum Length setting. The Maximum Length screen displays.
Click the Edit icon for the Minimum Length setting. The Minimum Length screen displays.
Click the Edit icon for the Password Expiration setting. The Password expiration screen displays.
Click the Edit icon for the Login Failed setting. The Login failed screen displays.
Click the Edit icon for the Two Step Authentication Method setting. The Two Step Authentication Method screen displays.