Login App Security Settings

From Social ID Developers
Jump to: navigation, search

Introduction

Each Login App can have its own security settings for the Registration-as-a-Service (RaaS) feature. The available configurations are designed to follow the Data Security Standard from Payment Card Industry (PCI DSS).

The Security Settings page can be accessed directly from the Login App dashboard:

Login app security button.png

Repeated Access Attempts Configuration

Repeated Access Attempts defines whether the user will be locked after too many failed login attempts due to incorrect password.

  • Limit controls how many incorrect login attempts are required to lock the user.
  • Lockout controls the time interval for the lockout in minutes.

The user must have limit failed login attempts in a time window of lockout minutes to get locked. The user will then be locked for lockout minutes before he can try to login again.

Login app security repeated access.png

Repeated Passwords Configuration

Repeated Passwords defines whether a new user password must be different from previously used ones. This setting applies to both user update and user reset password APIs.

  • Limit controls how many previously used passwords are considered.

Login app security repeated passwords.png

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox