Security Settings for a realm allow you to determine Login access to your Realm as well as link tracking security. To access and manage the Security Settings:
- Go to CUSTOMER CENTER > REALM MANAGEMENT > EDIT REALM.
- Scroll to the option Security, and click Configure IP and Password Settings.
- In order to customize security settings, select Specify Settings, then make your selection from the options below. Click SAVE to save the changes, or click CANCEL to ignore any changes and return to Edit Realm.
By default, all options are disabled and the password policy is as follows:
- Minimum Length 9 characters
- Expires 90 days after last change
- Must include each of the following
- Lower-case letter
- Upper-case letter
- Numeral
- Repeated characters are allowed
Security Options
The Security Settings page displays the following options for your Realm.
- Password Policies: Requirements to create a password for logging into the system.
- Password Length: Minimum characters required to create a password. Length may be set from 8 to16 characters.
- Character Requirements: Options for character limitations to create a valid password
-
- Lower-case letter
- Upper-case letter
- Numeral
- Special character
- Repeated characters
-
- Expiration Period: The number of days after which a password will expire since the date it was last updated. Period may be set from 1 to 9999 days.
- Allow Reuse: The same password may be used in consecutive expiration periods
- Force Expiration: Click to expire all passwords for all Users in the Realm
- Apply to Children: Force all child realms to use the same policy
- IP Policies: Restrict login to one or more IP addresses. Only users logging in from a specified IP or range will be allowed access.
- IP Restriction: List of IPs allowed to log into the Realm, separated by blank space or commas (e.g. 63.211.217.*, 63.214.*.*).
- Temporary IPs: Allow users to specify temporary IPs if the IP is not in the allowed list
- Apply to Children: Force all child realms to use the same policy
- Multi-Factor Authentication: When enabled, a unique 6-digit numeric code is generated and sent to the user attempting to log in. That 6-digit number must be entered within 15 minutes in order to gain access to the account.
- Multi-Factor Authentication: Require multi-factor authentication (MFA) to login.
- Apply to Children: Force all child realms to use the same policy
- URL Policies: Options that affect access to certain features when security policies prevent redirecting
- Block Unvalidated Redirects: Block Redirects to a URL. For example, the &goto= URL defined in a Subscribe link will be ignored. This affects the following subscriber related links:
-
- Subscribe, Unsubscribe, and Cancel links and forms (listctrl)
- Unsub - Alternate version of ListCtrl Unsubscribe link (listunsub)
- Subscribe Confirmation - Link to confirm a listCtrl subscription request (confirm)
- Profile Manager - deprecated feature to manage subscriptions (sie)
- Set Data - URL to change subscriber data (setdata)
- Data Set - Form to change subscriber data (data_set)
- Forward to a Friend - link to share a campaign message to one or more friends (ftaf)
- Alias Email - Form to collect data and then email it to a recipient (alias_email)
- Folders - Manage folders via the UI for articles, templates, lists, and segmentation rules
-
- Block Unvalidated Redirects: Block Redirects to a URL. For example, the &goto= URL defined in a Subscribe link will be ignored. This affects the following subscriber related links:
- Protected Workflow Approval: Enable a two-step process to approve campaigns deployed with the Workflow option. When the user receives the Workflow Approval email, the options to Approve, Resend, and Cancel are replaced with a link to Continue. The user must enter a PIN for each Workflow Approval enabled campaign deployed.