Page Details: Security Settings
The Security Settings page is used to configure various settings associated with inContact WFO Web Portal security.
This
For more information, see Configuration & Settings Overview.
Site Settings
Site Settings are used only in installations that include both inContact WFO and inContact Workforce Management v1 to enable users to log in to one web portal and then access the other portal without having to log in again. If
- Clarity
- Displays the IP address or host name of the server hosting the inContact WFM v1 Web Portal. This address includes a port number if both web portals are hosted on the same server (for example, http://192.168.0.1:8008). The address must begin with http:// (or https:// if SSL is in use).
- Discover
- Displays the IP address or host name of the server hosting the inContact WFO Web Portal. The address must begin with http:// (or https:// if SSL is in use).
Forgot Password Settings
- Password Max Length
- Displays the maximum number of characters a password can contain. There is no minimum requirement unless you enforce password strength; see PCI Settings.
- Password special characters length
- Displays the number of special characters the password can contain. There is no minimum requirement unless you enforce password strength; see PCI Settings.
- Mail Subject
- Displays the subject line of the email users receive when they click the "Forgot Your Password?" link.
- Mail Body
- Displays the body of the email users receive when they click the "Forgot Your Password?" link.
Active Directory Settings
Settings in this section are
Login Settings
Settings in this section are not used by inContact WFO in the cloud.
PCI Settings
PCI Settings are optional settings that control password policy for inContact WFO user accounts, based on the PCI Security Standards Council's Data Security Standard (viewable at their website). Passwords are automatically "salted" by inContact WFO, and password changes are tracked through both the Audit Log and the System Activity Summary Report.
Changing these settings in the web portal does not automatically force users to change their passwords. The settings do not affect users until their passwords are changed, either by the user or an administrator. To enforce PCI settings,
These settings apply only to database user accounts and do not impact Windows accounts used with hybrid or AD authentication.
- Password Strength Enforcement
- When the checkbox is selected, forces all new passwords to be a minimum of eight characters in length and to contain at least one of each of the following:
- lowercase letters
- UPPERCASE letters
- Numbers
- Special characters
The default value is not selected.
- Prompt User to Change Password Before Expiration
- When the checkbox is selected, controls how long a password can remain active. This applies to all inContact WFO accounts, including those with superuser access. Must be used in conjunction with one or both of the following two settings, which appear only if this option is selected.
- Number of Days Before Password Expires
- Available only if Prompt User to Change Password Before Expiration is selected. Specifies the number of days a password can remain active. This value cannot be set to 0. The default value is 1.
- Number of Days of Warning Before Password Expires
- Available only if Prompt User to Change Password Before Expiration is selected. Specifies the number of days in advance inContact WFO will warn the user that their password is about to expire. Setting this value to 0 causes all passwords to expire immediately. The default value is 1.
- Prevent Re-use of Password
- When the checkbox is selected, password changes are checked against a password history to prevent reuse. inContact WFO does not trace passwords unless this feature is enabled, so the reuse look-back will not consider or compare passwords used before this setting was enabled. Must be used in conjunction with one or both of the following two settings, which appear only if this option is selected.
- Number of Previous Passwords to Check
- Available only if Prevent Re-use of Password is selected. Specifies how many historical passwords inContact WFO will check to see if the password has previously been used.
- Number of days between password change
- Available only if Prevent Re-use of Password is selected. Specifies how many days of password history inContact WFO will check to see if the password has previously been used.
- Limit failed login attempts
- When the checkbox is selected, user accounts are locked after a specified number of failed login attempts has been reached. Locked accounts must be unlocked by an administrative user before the user may attempt another login. Must be used in conjunction with one or both of the following two settings, which appear only if this option is selected.
- Maximum number of failed login attempts to allow
- Available only if Limit failed login attempts is selected. Specifies the number of times a user can attempt to log in before their account is locked. The default value is 0.
- Lockout Superuser after limit reached?
- Available only if Limit failed login attempts is selected. When the checkbox is selected, failed login settings apply to all accounts, including those with superuser access. When the checkbox is cleared, superuser accounts cannot be locked out.
Administrative users can manually change a user's password to anything that meets the complexity requirements in force, including previously used passwords. This setting affects only users changing their own passwords.
HTTP/HTTPS Settings
Settings in this section are not used by inContact WFO in the cloud.
- Force the site to use HTTPS
- When the checkbox is selected, inContact WFO secures web browser cookies (ASP.NET_SessionID) by setting the secure flag. This prevents cookies from being sent across non-https connections and is a PCI-compliant feature.