Help Center

Account Security Settings

  • Updated

01 All Available.png

 

Introduction

With Account Security Settings, we offer administrators a way to safeguard your Nuacom accounts. Easily manage your security preferences, enable two-factor authentication, and control access to ensure your company's data and information remain protected at all times.


Setting up security

To manage your settings, log in as an admin on the Nuacom web portal, head into the Account Settings page, and click on the Account Security tab.

 

Local Logins

The first option is used to allow or disable the Local (Email/password) logins in the Account. 

 

2FA Authentication

Once enabled, you can enable 2FA Authentication for all users on the account. When 2FA authentication is challenged, users will receive a one-time-use code in their email to fill out on the login screen to log in successfully. 

ℹ️ If you need to enable 2FA for specific users, you need to disable the 2FA Authentication option from the account security settings page, head to the Users page, and toggle the option for each user for whom you need to activate it.
2fauser.jpg

2FA Challenge rules

2FA will not constantly be challenged. The system will analyse the login/usage behaviour of the user and will challenge the extra code automatically. Some of the behaviours that will result in a 2FA challenge are:

Login from a new device
Login from a new location
Login after a recent password reset

 

Password Characters

Admins can set the minimum number of characters that all passwords in the Account should have. They can set between 8 and 32 characters. The default option for all accounts is 8.

Password Chars.gif

Compromised Passwords

Admins can also check if the password is compromised against a list of known compromised passwords and prevent their use. For this feature, we have been checking the password against a pool of leaked passwords provided by have i been pwned? . To find out more about the service check this blog post.

 

Default Password Rules

Apart from the length, here are some additional password rules that are the default for all accounts:

At least 6 letters
At least 1 lowercase letter
At least 1 uppercase letter
At least 1 number
At least 1 special character
No password reuse

 

Password Expiration

Admins can also set the passwords to expire every one to twelve months.

 

SSO Logins

Admins can enable Google & Microsoft SSO login. They can disable local logins and allow only SSO logins in an account for additional security.

For Microsoft SSO, there is also the option to declare the allowed Microsoft tenant IDs to safeguard account access from disguised corporate email addresses.

 

IP Restrictions

If admins need to strengthen account access security further, they can declare specific IPs that users must use to log in. (IPv4 is available for now.)

IP Restricitons.gif

 

Account PIN Code

This account PIN code is automatically assigned from the system when the account is created. It is used to perform various actions from a handset. 
Example: Record a system announcement from a handset by dialling the code 266.

Admins have the option to update it at any time.

 

That's it! You have successfully set up your account security settings.
If you need further assistance, our support team is available by submitting a ticket or by calling us at 777.

Was this article helpful?

Comments

0 comments

Article is closed for comments.