Introduction
With Account Security Settings, we offer administrators a way to safeguard your Nuacom accounts. Easily manage your security preferences, enable two-factor authentication, and control access to ensure your company's data and information remain protected at all times.
Setting up security
To manage your settings, log in as an admin on the Nuacom web portal, head into the Account Settings page, and click on the Account Security tab.
Local Logins
The first option is used to allow or disable the Local (Email/password) logins in the Account.
2FA Authentication
Once enabled, you can enable 2FA Authentication for all users on the account. When 2FA authentication is challenged, users will receive a one-time-use code in their email to fill out on the login screen to log in successfully.
ℹ️ If you need to enable 2FA for specific users, you need to disable the 2FA Authentication option from the account security settings page, head to the Users page, and toggle the option for each user for whom you need to activate it.
2FA Challenge rules
2FA will not constantly be challenged. The system will analyse the login/usage behaviour of the user and will challenge the extra code automatically. Some of the behaviours that will result in a 2FA challenge are:
Login from a new device
Login from a new location
Login after a recent password reset
Password Characters
Admins can set the minimum number of characters that all passwords in the Account should have. They can set between 8 and 32 characters. The default option for all accounts is 8.
Compromised Passwords
Admins can also check if the password is compromised against a list of known compromised passwords and prevent their use. For this feature, we have been checking the password against a pool of leaked passwords provided by have i been pwned? . To find out more about the service check this blog post.
Default Password Rules
Apart from the length, here are some additional password rules that are the default for all accounts:
At least 6 letters
At least 1 lowercase letter
At least 1 uppercase letter
At least 1 number
At least 1 special character
No password reuse
Password Expiration
Admins can also set the passwords to expire every one to twelve months.
SSO Logins
Admins can enable Google & Microsoft SSO login. They can disable local logins and allow only SSO logins in an account for additional security.
For Microsoft SSO, there is also the option to declare the allowed Microsoft tenant IDs to safeguard account access from disguised corporate email addresses.
IP Restrictions
If admins need to strengthen account access security further, they can declare specific IPs that users must use to log in. (IPv4 is available for now.)
Account PIN Code
This account PIN code is automatically assigned from the system when the account is created. It is used to perform various actions from a handset.
Example: Record a system announcement from a handset by dialling the code 266.
Admins have the option to update it at any time.
That's it! You have successfully set up your account security settings.
If you need further assistance, our support team is available by submitting a ticket or by calling us at 777.
Comments
0 comments
Article is closed for comments.