Use this page to configure various options and default settings that will apply to secure message recipient accounts, and to designate which options they will be able to configure for themselves in the web portal.
|
The Lost Password, Show Password, and Remember Device options below control whether or not their corresponding element will appear on the Secure Message Portal Login page. However, these options are contingent upon the recipient arriving to the portal via the appropriate URL: <SG BASE URL>/SecurityGateway.dll?view=login_ex. For example: "https://sg.company.test:4443/securitygateway.dll?view=login_ex". This is the URL used when creating the link that is sent to recipients to set up their accounts. Signing in as a secure message recipient sets a cookie so that if the user navigates to SecurityGateway's base URL (i.e. without the "view=login_ex"), he or she will still be redirected to the secure message portal. If the user navigates to the base URL on a machine where the cookie doesn't exist, he or she will still be able to log in, but those login page elements will be governed by the equivalent options located at: Setup » Accounts » User Options. For this reason, make sure that any published URLs intended for secure message recipients contain the appropriate "/SecurityGateway.dll?view=login_ex" ending. |
Access Control
Allow recipients to modify their passwords
Ordinarily recipient accounts are allowed to change their passwords in the secure message web portal. Clear this checkbox if you do not wish to allow them to do so.
Display the "Show Password" icon for password fields
Each password field contains an eye icon that a recipient can click to see the password he has just typed into the field. Disable this option if you do not wish to allow recipient accounts to see their passwords.
Allow recipients to enable Two Factor Authentication
Two Factor Authentication is an extra layer of security that requires you to enter both your password and a special security code generated by an authenticator app on your phone when signing in. Check this box if you wish to allow secure message recipients to configure their accounts to require Two Factor Authentication when signing in to the secure message web portal. When enabled, and the recipient signs in from a browser using a secure HTTPS connection, the Two Factor Authentication options will be available on the Account Settings page so that the recipient can set it up if he or she chooses.
Require users to enable Two Factor Authentication
Check this box if you wish to require all secure message recipients to use Two Factor Authentication when signing in. When this option is enabled, the first time a recipient signs in he will be presented with a Setup Two Factor Authentication page.
Allow recipients to be remembered per device (Requires HTTPS)
When this option is enabled, A "Remember me on this device" option will be displayed on the Secure Message Portal Login page whenever a recipient connects via a secure HTTPS connection. If the recipient checks the box, from that point forward he will be signed in automatically whenever he visits the portal on the same device, as long as he simply closes his browser when finished rather than using the "Sign Out" option. If he signs out then he will have to sign in again the next time he connects. The recipient will be remembered for the number of days specified in the Number of days... option below. After that, he will be required to sign in again. This option is disabled by default. NOTE: A "Do not remember me on this device/browser" option will be available to the Secure Messaging user whenever the Remember Me option is active on their current device or browser. They can click that link to cancel Remember Me on the device.
Number of days recipients will be remembered (from 1 to 365)
When using the Allow recipients to be remembered per device option, this is the number of days that the recipient will be remembered before being required to sign in again. This is set to 30 days by default.
Sign-in Options
Display the "Forgot Password" link on the Sign-in screen
By default, a "Forgot Password" link appears on the secure message portal Sign-in page, which can be used to email a link to the recipient to change his or her password. Clear this checkbox if you do not wish to display the "Forgot Password" link on the Sign-in page.
Show the below administrator contact information on the Sign-In screen
Activate this option and enter some text in the box below if you wish to include some administrator contact information or links on the Sign-in page. The text you enter in the box can contain some HTML, such as anchors and images.
Defaults
Language:
Use this drop-down list to set the default language that the server will use when it sends system-generated messages to secure message recipients. There is a corresponding option that you can use to set this option for specific users. Select a recipient on the Recipients page and then click Settings on the toolbar to access that option. Recipients can also override this setting for themselves on the Account Settings page in the secure message portal.
Check passwords against a compromised password list from a third-party service
SecurityGateway can check a recipient's password against a compromised password list from a third-party service, and it is able to do this without transmitting the password to the service. If a recipient's password is present on the list, it does not mean the account has been hacked. It means that someone somewhere has used an identical password before and it has appeared in a data breach. Unique passwords that have never been used anywhere else are more secure, as published passwords may be used by hackers in dictionary attacks. See Pwned Passwords for more information.
Use the drop-down list box to select how often you wish to check a password against the list since the last time that password was checked. You can choose:
•Never (Passwords are not checked against the list. This is the default setting.)
•A day since last checked
•A week since last checked
•A month since last checked
Number of items displayed per page:
This is the default number of messages per page that will be displayed to recipient accounts in the web portal. To set this option for a specific recipient account, select the recipient on the Recipients page and then click Settings on the toolbar to access the option. Recipient accounts can set the option for themselves within the web portal.
Terms of Use
Require recipient to accept terms of use below before they can login
Enable this option and enter text into the box, such as a terms of use statement, if you wish to require recipients to accept the statement each time they log in to the secure message portal. The recipient can accept the statement by checking a box.
New Recipients
Send an alert to global administrators when a secure message recipient is created
Check this box if you wish to send an alert to global administrators whenever a new secure message recipient account is created.
Check new recipient's password against 3rd party compromised password list
By default, each new recipient's initial password is checked against the compromised password list outlined above in the "Check passwords against a compromised password list..." option. Clear this checkbox if you do not wish to check new recipient account passwords against the list.
Exceptions - Domains
If you select a specific domain in the "For Domain:" drop-down list box at the top of the page when configuring these settings, that domain will be listed here after saving the settings. Click the View/Edit link for the corresponding domain to review or edit its Secure Messaging settings, or click Reset to reset the domain's settings to the default Global values.
