Security configurator
  • 3 minutes to read
  • Dark
    Light
  • PDF

Security configurator

  • Dark
    Light
  • PDF

Article summary

In this document, you will find all the information about the Security configurator section of the senhasegura settings.

Path to access

  1. On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Settings.
  2. In the side menu, select System parameters > Security.

Segurity

User accounts maintenance

ItemDescription
Minute to expire the sessionIndicates the value, in minutes, for the session (login) to automatically expire.
Lock account after login errors after X attempts until lockingIndicates the number of unsuccessful login attempts in a login session before the account is locked.
Lock disabled accountCheckbox to indicate if an inactive account will be locked.
X days until lockIf the Lock disabled account option is enabled, this will indicate the number of days without access before the account is locked.
Force password change on first accessCheckbox to indicate if the user must change their password on first access.
Expire passwordCheckbox to indicate if the password will automatically expire.
X days until password expiresIf the Expire password option is enabled, this will indicate the number of days until the password expires.
Time between CSRF token (minutes)Maximum time for the user to log in before the CSRF token expires.
Info

CSRF (Cross-Site Request Forgery) is an attack where a malicious website induces an authenticated user on another site, such as a bank, to perform an unwanted action, like a financial transfer. Without CSRF protection, a malicious link can perform this action as if it were the user themselves, using valid session cookies. To prevent this, CSRF tokens are used.

Multi-factor authentication

ItemDescription
Force multi-factor authentication to all usersCheckbox to indicate if MFA authentication will be required for all users.
Force digital certificate authentication to all usersCheckbox to indicate if the use of digital certificates will be required for all users.
Enable external Multi-Factor Authentication applicationCheckbox to indicate if the use of an external solution for MFA authentication will be allowed.
Allow 'Trust this computer' up to a maximum XX hoursCheckbox to indicate if the option to trust the computer will be enabled and for how long, at maximum, it will be possible to trust the computer. In other words, with this configuration enabled, it won't be necessary to use the token for the defined time period.
Accept with tokens generated until XX second changeCheckbox to indicate if expired authentication tokens will be accepted and for how long an expired token will be considered valid.

Password security level

ItemDescription
XX minimum characters for passwordIndicates the minimum number of characters for the password.
X minimum numbers for password.Indicates the minimum number of numbers for the password.
Restrict password reuseCheckbox to indicate if password reuse won't be allowed
XX Last passwords that cannot be usedIf the Restrict password reuse option is enabled, indicates how many passwords, retroactively, cannot be reused.
Require symbols in the passwordCheckbox to indicate if the password must contain symbols.

Access control by IP

ItemDescription
Allow all/Deny allRadio button. Indicates whether all IP addresses will be denied or allowed.
IP rangeIP ranges.
StartStarting address of the IP range.
EndEnding address of the IP range.
ActionDropdown menu. Indicates the action to be taken for this IP range. Can be Deny all or Allow all.

Adaptive MFA by location

ItemDescription
IP rangeIP ranges.
StartStarting address of the IP range.
EndEnding address of the IP range.
ActionDropdown menu. Indicates the action to be taken for this IP range. Can be Require MFA or Skip MFA.

Was this article helpful?

What's Next