Security can be accessed through the SatuitSIP® Investor Portal -> Portal Admin menu within Satuit. The Portal Admin menu is only available to users with Portal Admin permission.
Security allows you to manage the portal login rules affecting each portal user. Update these as you wish, and press save when done.
Password Rules
The password configurations below can be set by the System Administrator. The default values are in parenthesis.
- Session Time Out (90 minutes) – This is the number of minutes that Satuit will keep an inactive session open before automatically logging off. The limitations on the password time outs can be between 10 minutes and 500 minutes
- Characters Max (30 characters) – This is the maximum number of characters in a password. This value should be between 4 and 30 characters
- Characters Min (4 characters) – All passwords should contain at least 4 characters. Min Characters cannot be negative, or more than the Max Characters set above
- Numerals Max (30 numerals) – This is the maximum number of numbers that can be in a password. This value should be between 4 and 30 numerals
- Numerals Min (4) – This is the minimum number of numbers that can be in a password and cannot be negative or more than 30. Min Numerals should be less than Max Numerals
- Special Characters Max (30) – This is the maximum number of special characters that can be in a password. This value should be between 0 and 30 characters
- Special Characters Min (0) – This is the minimum number of special characters that can be in a password. This value should be less than the Special Characters Max number and cannot be negative
- Expiration Days (90 days) – This is the number of days before a password expiring and should be between 30 and 180 days
- Grace Period (10 days) – This is the number of days that a user ID and password will remain active after the password has expired. This value should be within 0 and 10 days
- Count Down (15 days) – This is the number of days before a password expiring that Satuit will remind the user to change their password when they log in. The value of the countdown should between 0 and 15 days
- Recycle Limit (2 times) – The Recycle Limit is the number of times a password needs to be changed before it can be reused. This should be within 0 and 20 times
- Failed Attempt Max (3 times) – This is the number of times that a user may attempt to login with an incorrect password before getting locked out. The maximum number of failed attempts should be within 1 and 3
- Lockout Minutes (10 minutes) – This is the number of minutes that Satuit will lock a login after the number of failed attempts has reached the maximum number above. This lockout time should be within 10 and 30 minutes
- Show Passwords and Security Answers checkbox – By selecting this checkbox the option within your browser to save passwords is disabled
User Additional Authentication & Frequency
SatuitSIP® uses a two-step Authenticator which is a software token that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP), for authenticating users.