Log-In Options Settings

Login settings ensure a secure and reliable user log-on authentication experience.

As an administrator, you can configure the following:

  • Password policies

  • Two-factor authentication

As an administrator, you can do the following:

  • Configure how to receive the two-authentication factor.

  • Block a user's access after a specified number of incorrect login attempts to protect user accounts from unauthorized access and potential security breaches.

  • Require that the user's account password be reset if it was blocked.

View the Log-In Options

Permissions

Your user account or group membership must have the "Settings: View Settings" permission to view Password Policies unless your user account has the Make this user a Super Admin setting selected.

See the Settings permissions or ask your Administrator for assistance.

Follow these steps to view the Log-In Options tab settings:

  1. Ensure that you are logged on to ProcessMaker Platform.

  2. Click the Admin option from the top menu. The Users page displays.

  3. Click the Settings icon from the left sidebar to view all settings.

  4. From the Settings panel on the left, expand the Log-in & Auth section.

  5. Select Log-In Options to view the following details:

    • Setting: The Setting column displays the Log-In Options Setting name.

    • Configuration: The Configuration column displays the setting value and how it is configured.

Log-In Options within the "Settings" page

Search for a Log-In Options Setting

Follow the next steps to search for a setting:

  1. In the Search setting, enter the Setting name to filter settings.

  2. Click the Search icon or press enter to view Log-In Options settings that match your entered text.

Configure the Log-In Options Tab Settings

Permissions

Your user account or group membership must have the "Settings: Update Settings" permission to edit settings from the Log-In Options tab unless your user account has the Make this user a Super Admin setting selected.

See the Settings permissions or ask your Administrator for assistance.

Configure the following Log-In Options tab settings as necessary:

Enable Users to Change Their Password

Enable users to change their passwords.

Follow these steps to enable a user to change their password:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Password Set By User toggle key. The following message displays: The setting was updated. When this setting is enabled, users are able to change their passwords when editing their user profile.

  3. If this setting is toggled off, users won't have the option to update their password while editing their user profile.

    Note: This setting applies to all users except Super Admins. Users with Super Admin permissions will always have the ability to change passwords.

Enable Numeric Characters

Enable at least one numeric character for user passwords.

Follow these steps to enable numeric characters:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Numeric Characters toggle key. The following message displays: The setting was updated.

Enable Uppercase Characters

Enable at least one uppercase character for user passwords.

Follow these steps to enable uppercase characters:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Uppercase Characters toggle key. The following message displays: The setting was updated.

Enable Special Characters

Enable at least one special character for user passwords.

Follow these steps to enable special characters:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Special Characters toggle key. The following message displays: The setting was updated.

Set the Maximum Length

Set the maximum length of password characters.

Follow these steps to set the maximum length:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Maximum Length setting. The Maximum Length screen displays.  

  3. In the setting, enter a maximum number of characters for the password.

  4. Click Save. The following message displays: The setting was updated.

Set the Minimum Length

Set the minimum length of password characters.

Follow these steps to set the minimum length:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Minimum Length setting. The Minimum Length screen displays.  

  3. In the setting, enter a maximum number of characters for the password.

  4. Click Save. The following message displays: The setting was updated.

Set the Password Expiration

Set in how many days the password expires.

Follow these steps to set the password expiration:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Password Expiration setting. The Password expiration screen displays.  

  3. In the setting, enter several days when the password expires.

  4. Click Save. The following message displays: The setting was updated.

Set Failed Login Attempts

Set the number of consecutive unsuccessful login attempts before blocking the login action momentarily.

Follow these steps to set the password expiration:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Login Failed setting. The Login failed screen displays.  

  3. In the setting, enter a number of consecutive unsuccessful login attempts before blocking the login action momentarily.

  4. Click Save. The following message displays: The setting was updated.

Enable Two-Step Authentication

Enhance login security by enabling two-step authentication for user verification.

Two-step authentication must also be enabled in group-level settings.

SSO and Two-Step Authentication

  • If  SSO is enabled, the Two-Step Authentication setting is bypassed for SSO users, allowing them to log in without it.

  • Non-SSO users must still enter two-step verification codes to log in.

Follow these steps to set up two-step authentication:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Enable the Require Two Step Authentication toggle key. The following message displays: The setting was updated.

Select a Two-Step Authentication Method

Choose an authentication method for sending two-step verification codes.

Follow these steps to set a two-step authentication method:

  1. View the Log-In Options tab settings. The Log-In Options tab displays.

  2. Click the Edit icon for the Two Step Authentication Method setting. The Two Step Authentication Method screen displays.

  3. Select one or more authentication methods as follows:

    • Select By email to send the code to your account email. An email address must be configured in user properties.

    • Select By message to phone number to send the code to your account phone number. A phone number must be configured in user properties.

    • Select Authenticator App to send the code to an authenticator app such as Google Authenticator.

  4. Click Save. The following message displays: The setting was updated.