Log-In Options Settings

  • 4 minute(s) read

Login settings provide a secure and reliable authentication experience by allowing administrators to manage user access and enforce security measures. As an administrator, you can:

  • Enforce password policies to maintain security standards.

  • Enable and configure two-factor authentication for added protection.

  • Choose how users receive the second authentication factor.

  • Block user access after a specified number of failed login attempts to prevent unauthorized access.

  • Require a password reset for blocked accounts to enhance security.

View the Log-In Options

Permissions

Your user account or group membership must have the "Settings: View Settings" permission to view Password Policies unless your user account has the Make this user a Super Admin setting selected.

See the Settings permissions or ask your Administrator for assistance.

Follow these steps to view the Log-In Options settings:

  1. Ensure that you are logged on to ProcessMaker Platform.

  2. Click the Admin option from the top menu. The Users page displays.

  3. Click the Settings icon from the left sidebar to view all settings.

  4. From the Settings panel on the left, expand the Log-in & Auth section.

  5. Select Log-In Options to view the following details:

    • Setting: The Setting column displays the Log-In Options Setting name.

    • Configuration: The Configuration column displays the setting value and how it is configured.

Log-In Options within the "Settings" page

Configure the Log-In Options

Permissions

Your user account or group membership must have the "Settings: Update Settings" permission to edit settings from the Log-In Options tab unless your user account has the Make this user a Super Admin setting selected.

See the Settings permissions or ask your Administrator for assistance.

The following settings can be configured in the Log-In Options tab:

Enable Users to Change Their Password

Enable users to change their passwords.

Follow these steps to enable a user to change their password:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Password Set By User toggle key. When this setting is enabled, users are able to change their passwords when editing their user profile.

  3. If this setting is toggled off, users won't have the option to update their password while editing their user profile.

    Note:

    This setting applies to all users except Super Admins. Users with Super Admin permissions will always have the ability to change passwords.

Enable Numeric Characters

Enable at least one numeric character for user passwords.

Follow these steps to enable numeric characters:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Numeric Characters toggle key. The following message displays: The setting was updated.

Enable Uppercase Characters

Enable at least one uppercase character for user passwords.

Follow these steps to enable uppercase characters:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Uppercase Characters toggle key. The following message displays: The setting was updated.

Enable Special Characters

Enable at least one special character for user passwords.

Follow these steps to enable special characters:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Special Characters toggle key. The following message displays: The setting was updated.

Set the Maximum Length

Set the maximum length of password characters.

Follow these steps to set the maximum length:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Maximum Length setting. The Maximum Length screen displays.  

  3. In the setting, enter a maximum number of characters for the password.

  4. Click Save. The following message displays: The setting was updated.

Set the Minimum Length

Set the minimum length of password characters.

Follow these steps to set the minimum length:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Minimum Length setting. The Minimum Length screen displays.  

  3. In the setting, enter a maximum number of characters for the password.

  4. Click Save. The following message displays: The setting was updated.

Set the Password Expiration

Set in how many days the password expires.

Follow these steps to set the password expiration:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Password Expiration setting. The Password expiration screen displays.  

  3. In the setting, enter several days when the password expires.

  4. Click Save. The following message displays: The setting was updated.

Set Failed Login Attempts

Set the number of consecutive unsuccessful login attempts before blocking the login action momentarily.

Follow these steps to set the password expiration:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Login Failed setting. The Login failed screen displays.  

  3. In the setting, enter a number of consecutive unsuccessful login attempts before blocking the login action momentarily.

  4. Click Save. The following message displays: The setting was updated.

Enable Two-Step Authentication

Enhance login security by enabling two-step authentication for user verification.

Two-step authentication must also be enabled in group-level settings.

Two-Step Authentication for SSO and Active Directory Users

  • If  SSO is enabled, the Two-Step Authentication setting is bypassed for SSO users, allowing them to log in without it.

  • Additionally, Two-Step Authentication is also bypassed when users authenticate against Active Directory.

  • Non-SSO and non-Active Directory users must still enter two-step verification codes to log in.

Follow these steps to set up two-step authentication:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Require Two Step Authentication toggle key. The following message displays: The setting was updated.

Select a Two-Step Authentication Method

Choose an authentication method for sending two-step verification codes.

Follow these steps to set a two-step authentication method:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Two Step Authentication Method setting. The Two Step Authentication Method screen displays.

  3. Select one or more authentication methods as follows:

    • Select By email to send the code to your account email. An email address must be configured in user properties.

    • Select By message to phone number to send the code to your account phone number. A phone number must be configured in user properties.

    • Select Authenticator App to send the code to an authenticator app such as Google Authenticator.

  4. Click Save. The following message displays: The setting was updated.