Configuring Security Settings

Security Settings establishes baseline security requirements, password policies, authentication options, and email communication templates that apply across all user types and Security Roles in your Magentrix portal.

Requirements

To configure Security Settings, you must have:

• Administrator System Role permissions

Configuration Process

Accessing Security Settings

1. Navigate to the Setup Home page
2. Click Manage > Company Preferences
3. Click Edit
4. Select the Security Settings tab
5. Configure the relevant sections
6. Click Save

Security Settings Configuration Sections

General Settings

Purpose: Controls core portal security features including session management, maintenance mode, and file upload restrictions.

Session Management

• Session Timeout: Select automatic logout period for inactive users
  • Available options: None, 15 Minutes, 30 Minutes, 1 Hour, 2 Hours, 3 Hours, 4 Hours, 8 Hours, 7 Days, 30 Days
  • Determines how long users remain logged in before the server terminates their session

Security Policies

• Cookie Policy: Select SameSite cookie policy for enhanced security (typically "Private")

• Enable Maintenance Mode: Check to activate maintenance mode for system updates or troubleshooting

• Under Maintenance Message: Enter message displayed to users during maintenance mode (e.g., "We are currently making an update to our system. We will be back shortly.")

File Security

• File Upload Allowed Extensions: Configure permitted file types for upload
  • Default Extensions: cs,js,avi,bak,bin,bmp,cap,cer,cpp,crt,css,csv,dat,dll,doc,ebm,ebp,EIC,eml,ert,fif,gif,htm,ico,iff,ist,jpg,jpeg,log,lsm,lsx,mkv,mov,mp3,mp4,mpx,ocm,ocx,ote,ovy,pdf,peg,pem,pfx,png,ppt,psd,pst,ptx,rar,rtf,shx,son,sql,svg,swf,tch,tml,txt,vif,wav,xls,xml,zip,docx,xlsx,pptx
  • Comma-separated list of permitted file extensions

Authentication Settings

Purpose: Configures two-factor authentication and advanced user authentication features.

Two-Factor Authentication

• Two Factor Authentication Enabled: Check to enable 2FA system-wide
  • Provides additional layer of security by requiring users to verify their account via Email or SMS
  • Users will require both password and authentication code from their mobile device/email to sign into their account
• Manage Two Factor Authentication Settings: Link to configure detailed 2FA settings

Advanced Authentication

• Re-Enable User Upon Login: Advanced setting that allows inactive users to be automatically re-activated upon login attempt
  • Important: This setting is only configurable by the Magentrix team for security reasons
  • Security Warning: May allow unauthorized portal access - requires careful consideration

Single Sign-On Settings

Purpose: Configures SAML 2.0 and SSO integration for external authentication systems.

SAML Configuration

• Single Sign On (SAML) Enabled: Check to enable SAML 2.0 authentication from external identity providers
  • Configure single sign-on to allow authentication from external environments
• Manage Single Sign-On Settings: Link to configure detailed SAML settings and identity provider integration

Custom Authentication

• JWT and Custom SSO: Available through custom development on a case-by-case basis
  • Contact Magentrix team for JWT or other custom authentication requirements

Password Settings

Purpose: Establishes password requirements and account security policies for all users.

Password Requirements

• Minimum Password Length: Select minimum character count (e.g., 10 characters)
• Password Complexity: Choose security level requirements:
  • Low: No restrictions on password content
  • Medium: Must include number and capital letters
  • High: Must include special characters (in addition to numbers and capital letters)

Password Lifecycle

• Password Expires: Select mandatory password change frequency:
  • Available options: Every 60 days, Every 90 days, Every 180 days, Every 360 days

• Remember Password History: Select number of previous passwords to prevent reuse
  • Prevents users from recycling recently used passwords

Account Lockout Protection

• Maximum Invalid Login Attempts: Set limit for failed login attempts before account lockout (e.g., 5 attempts)
• Lockout Period: Select account lockout duration in minutes (e.g., 15 minutes)
  • After lockout period expires, users may attempt to log in again

Password Recovery Options

• Forgot Password Behavior: Choose password reset method:
  • Recover using security questions: More secure option requiring users to answer security questions
  • Recover with new temporary password: Easier for end-users but less secure option
• Use Preset Security Questions: Check to enable preset security question options for password recovery

Email Communication Settings

Purpose: Configures email templates for automated user account and password management communications.

User Account Email Templates

• New User Template: Select template sent when new user accounts are created
• Activation Template: Select template for user account activation notifications
• Reset Password Template: Select template sent when administrators reset user passwords
• Forgot Password Template: Select template sent for self-service password reset requests

Template Management

• Templates are customizable to match your organization's communication style
• Each template includes dynamic fields populated with user-specific information
• Templates support both HTML and plain text formats

New User Activation Reminder Settings

Purpose: Configures automated reminder emails for users who haven't completed initial login.

Reminder Configuration

• New User Activation Reminders: Check to enable reminder email system for inactive new users
  • System will send reminders to new users if they don't log in after member creation
• Reminder Email Template: Select template used for activation reminder emails
• First Reminder: Set number of days before sending initial reminder (can be overridden by Security Role settings)
• Second Reminder: Optionally set number of days for follow-up reminder (can be overridden by Security Role settings)

Security Best Practices

Password Policy Strategy

• Balanced Security: Choose password complexity that balances security with user experience
• Regular Updates: Set reasonable expiration periods that maintain security without excessive user burden
• Account Protection: Configure lockout settings to prevent brute force attacks while minimizing user inconvenience

Session Management

• Timeout Planning: Consider user workflow patterns when setting session timeouts
• Security vs. Usability: Balance security requirements with user productivity needs
• Administrative Access: Plan maintenance mode usage to minimize business disruption

Authentication Integration

• 2FA Implementation: Gradually roll out two-factor authentication with user training and support
• SSO Planning: Coordinate SAML/SSO implementation with IT security and identity management teams
• Custom Requirements: Engage Magentrix team early for custom authentication needs

File Upload Security

• Extension Management: Regularly review allowed file extensions based on business needs and security requirements
• Risk Assessment: Consider security implications of each permitted file type
• User Training: Educate users about safe file upload practices

Ongoing Security Management

Regular Review Tasks

• Password Policy Evaluation: Assess password requirements effectiveness and user feedback
• Authentication Monitoring: Review 2FA adoption rates and authentication success metrics
• File Upload Auditing: Monitor uploaded file types and identify any security concerns
• Email Template Updates: Keep communication templates current with organizational changes

Incident Response

• Account Lockout Management: Establish procedures for handling locked user accounts
• Password Reset Support: Train support staff on password recovery assistance procedures
• Security Incident Protocols: Develop response procedures for authentication-related security events

Security Settings provide the foundational security framework that protects all users and data across your Magentrix platform while enabling secure, authenticated access for legitimate users.

See also:

• Assigning a Custom Domain Name to Your Site

<< Configuring System Settings | Configuring Members Settings >>