Security Settings



HTTPS Required enable the forcing of all users to HTTPS/SSL.

HTTPS for Login enable the forcing of HTTPS/SSL when logging into the system.

Login Session Timeout (minutes) set a number of minutes a users can stay logged into one session. The default is 2,880.

Disable Remember Username on Login disables the system from remembering logins.

Disable Remember Username on Mobile Login disables the system from remembering logins on the Mobile login page.

Password Auto-complete enables auto-complete for the password form value. This may however be overwritten by the user's web browser.

Password Auto-complete Mobile enables auto-complete for the password form value. This may however be overwritten by the user's mobile web browser.

Password Minimum Length enforces a minimum character length for passwords whenever a new password is entered for a new user or an existing password is changed.

Password Strength allows for a selection of password policy rules, such as "contains both uppercase and lowercase values."

Password Strength Error Message will automatically populate based on the selected password strength and allow for manual editing of the message the user will see.

Maximum Failed Login Attempts enables a user to be stopped from logging in following a certain number of incorrect login entries.

User Lockout Period (Minutes) defines the time period that the user attempting the failed login must wait before attempting to login again.

Password Expiration Period (Days) sets the number of days for password validity. Following the password expiration, the user must change their password. This expiration resets automatically whenever the user changes their password.

Previous Number of Passwords Excluded will track the entered number of passwords after it is turned on. The number entered includes the current password, so it must be a value of at least 1 if the users are not to be allowed to re-enter their current password. It will not start tracking the set number of passwords until after it is updated. If it is changed from 1 to 3, then the setting cannot be enforced until the user has updated their password another two times following the update.

Enable SSO Auto Registration enables SSO Auto Registration for IP authenticated users.

Enable Box Single Single Sign-On (BETA) enables Box integration so that Project Insight folders can be mapped to Box folders and files. Enabling also adds a user profile data field within which the user's Box login ID is managed



Configure Single Sign-On (SSO) allows up to three separate SSO certificate authorities. This is an advanced option which should only be used in collaboration with a network engineer who is intimately familiar with your internal network architecture and has experience setting up token servers within your network for other services. See the Single Sign-on Overview topic for detailed configuration information.

Online 10/14/2016