Follow

Managing login and password settings

 

Enabling login/logout (SSO users)

The Login settings can be found by clicking the Admin Settings link in the Main Navigation and then going to Governance > Manage login controls. Here you will find multiple options to help configure the login settings for users within your organization.

At the top you will find the basic Login settings, where you can choose to disable passwords and if logging out will also log you out of your SSO system. We strongly recommend that Password logins should always be enabled for obvious security reasons. If you use your SSO system for other services in addition to Jostle, we recommend keeping the Jostle logout separate from your SSO system. For information on SSO Mobile login options, see this article.

loginSettings-sso.png

 

Enabling Multi-Factor Authentication (MFA)

Enabling Multi-Factor Authentication (MFA) for your intranet provides an additional layer of security for your organization.  

To log in with MFA, users will first be required to install and set up an authenticator app (for example, the Google Authenticator) on their mobile device or tablet. Then, users will be required to enter their account password as well as one-time, randomly-generated passcode from the Authenticator in order to successfully log in.

Requiring a user’s knowledge (their password) and a user’s possession (their mobile device) in order to verify their identity can ensure the security of your intranet far beyond basic password-protection.

When creating your login settings there is the option to make MFA login Mandatory, Optional or Disabled for your users and/or System Administrators. It is recommended that it at least be enabled for all System Admins within your organization.

To set up Multi-Factor Authentication:

  1. Click on the Admin Settings link at the bottom of the Main Navigation
  2. In the Administration settings, go to Governance > Manage login controls
  3. Under Multi-Factor Administration (MFA) select your option.
  4. Scroll down and click Save.

mfa05a.PNG

NOTES

  • Selecting "Mandatory" will automatically check off "Required for System Admins".
  • If MFA is currently enabled, selecting "Disabled" will delete all Contributors’ current MFA settings. If MFA is then re-enabled, they will have to go through the MFA setup process again.
  • Resetting a Contributor's password from the Edit Contributor screen will require that user to reset their password as well complete the MFA setup process again.
  • If a user selects the "Forgot Password" link on a login screen, they will only need to reset their password and can continue using their current MFA configuration.

 

Logout Configuration 

In Administration settings > Platform > Login settings, you'll find options to configure automatic logout from Jostle. You can set the time duration for when an automatic logout occurs, and can be used to help with user account security if Jostle is being used in on-site computers within your organization. Automatic logout is also available for mobile, and can be left disabled if users frequently use the mobile app on their personal devices.

 

Disabling/Re-enabling login

If you need to disable/re-enable someone's login:

  • Go to Administration settings > User accounts and data > Edit, Invite, Disable users 
  • Search for the user and then click EDIT next to their name
  • Scroll down to Account status and check/uncheck the box "Disable login for this person"
  • Click on Save changes at the bottom of the screen

disableuser.PNG

NOTE—this action can also be done on multiple users in bulk via CSV (by changing a user's value under AccountState from "Active" to "Disabled"). For information on how to bulk manage data, please see this article.

Password settings

At the bottom you will find Password settings and can be used accordingly to help reduce security risks. You can choose to enforce strong passwords and/or have users change their passwords after a certain number of days.

loginSettings-password.png

 

If you choose to enable strong passwords, contributors will get the following screen letting them know the password requirements.

strongpass.png

 

You can also manually have all users change their passwords upon their next login by clicking ‘Reset passwords’ at the very bottom of the page.

Was this article helpful?
0 out of 1 found this helpful
Have more questions? Submit a request

4 Comments

Date Votes
  • 0
    Avatar
    Kari Pearson

    It would be nice to have a link on this page that will take us to the password settings page. It is difficult to know where I am to go now, where is the admin pages>platform>log in settings?

    I am still as lost as I was when I tried to find this page.

    Not helpful at all. Why not just have a page that will take me to where I want to go?

  • 1
    Avatar
    Brad Palmer

    Moving this to a support ticket.

  • 0
    Avatar
    Cindy Owen

    How do I initiate a rehire? Do I have to "Create" this employee again?

     

  • 0
    Avatar
    Brad Palmer

    Hi Cindy,

    You can either Delete or Disable users. If you Delete them, they are in fact deleted. If you Disable them they cannot log in, but their information remains and you can reenable them. This all happens at Administrative Settings > Contributor configuration > Edit/delete Contributors.

    Brad

Please sign in to leave a comment.