Access Management > Security
Use this topic to enable and configure security policies efficiently and promptly within Core Manager. This page is only visible when Access Control is turned On.
Note: Only Administrators have access to this page, the lower Roles do not. Refer to the Access Management > Roles topic to learn more.
Sign In
Two robust policies fortify your protection. You can choose between Delay between attempts, or Number of failed attempts before lock, the latter of which empowers you to enforce a Lock profile after the last attempt for for a defined duration.
- Enabling the Delay between attempts option introduces a brief waiting period, allowing or a more deliberate approach to retries. By default, this option is disabled, but if enabled, it will set a default delay of 5 seconds. You have the flexibility to choose a delay duration anywhere from 1-86400 seconds.
- The Lock profile after the last attempt for feature enhances security by limiting sign-in attempts. By default, this safeguard is turned off, but when activated, it defaults to 6 sign-in attempts and a subsequent lockout of 30 minutes. You can customize these settings, specifying the number of attempts (ranging from 1 to 100) and the lockout duration (between 1 and 1,440 minutes).
Password Requirements
Password requirements are rules and criteria that dictate how passwords must be structured and created to enhance security. These requirements often include factors such as password length and complexity (combining letters, numbers, and symbols). They serve to protect accounts and sensitive information by making it more challenging for unauthorized individuals to guess or crack passwords.
The default characters requirement is set to 8, but can be adjusted to demand up to 100 characters. The following criteria can be implemented:
- At least 1 uppercase character
- At least 1 lowercase character
- At least 1 numeric character
- At least 1 special symbol
- Allowed symbols: ! @ # $ % ^ & * ( ) , . ? " : { } | < >
Additionally, there are options to prohibit the reuse of the last 4 passwords and for added security.
File Upload Permissions
The security policies implemented enable the restriction of specific file formats when uploading to the Core. These measures are designed to enhance data security by allowing only authorized and safe file types, mitigating potential security risks and data vulnerabilities. There is the option to select Allow All file types or specify the desired file types.
The available file formats are categorized into four sections: Files, Audio, Video, and Images, which are listed as follows:
|
Files |
Audio |
Video |
Images |
|---|---|---|---|
|
|
MP3 |
MP4 |
JPEG1 |
|
DOCX |
WAV |
AVI |
PNG |
|
XLSX |
FLAC |
MKV |
GIF |
|
PPTX |
AAC |
MOV |
BMP |
|
ODT |
OGG |
MPEG |
SVG |
|
ODS |
AIFF |
3GP |
WebP |
|
ODP |
|
|
RAW |
|
TXT |
|
|
|
|
JSON |
|
|
|
|
EDID1 |
|
|
|
1. Allowed to upload in the Files, Cameras, and Video Endpoints features.
Reset to Default
Every Security section has a Reset to Default option which allows users to restore a setting or configuration to its original, factory-defined state. When this button is clicked or activated, it will undo any changes or customizations that have been made to the setting, reverting it to the standard default configuration.
