Description: Customize your Lighthouse Transaction Manager (LTM) login details to meet several security requirements with the instructions below.
- Log in to your LTM Account Administrator.
- Navigate to the Settings drop-down.
- Select Security Settings.
- On the User Security page, you can set up many restrictions regarding LTM user logins.
- You can configure the following:
- Security Programs: If you would like to comply with a specific organization's security requirements, such as PCI DSS, select this from the list. The required settings will automatically fill in to meet the requirements of the selected security protocol.
- Minimum Password Length [Required]: Customize the required minimum digit length from 4 to 16 digits.
- Composition Requirements [Required]: Specify if the users must use alpha, numeric, uppercase, or punctuation characters for their login passwords.
- Require Password Change: Specify how often a user must update their password between one week to one year.
- You can also prevent users from using up to their previous five passwords.
- Lockout Users After [Required]: Set the number of allowed login attempts before being prompted for visual verification, which can be configured from 0-8 failed attempts. You can also set the number of failed visual verifications allowed, which can be from 1-8 failed attempts.
- Lockout Duration [Required]: Determines how long a user is locked out after failing to log in.
- Customizable between five minutes to indefinitely
- The default is 30 minutes
- Require User Email Address: Requires that user accounts enter an email address upon sign up.
- This changes the user's options of resetting their own login access should they lock themselves out.
- Auto Disable Stale Users: Disables a user login after an extended time period of not logging into the user account, customizable between one week up to two years; there is an option to bypass this setting for specific users.
- Enforce Scheduled User Work Shifts: Enforces restrictive login times for users.
- If a user is past their assigned shift, they will be unable to log in until the specified day/time occurs again.
Important: Do not enable this option unless you have already created user shifts and assigned them to your users. Otherwise, you will lock yourself and your users out of the system.
- If a user is past their assigned shift, they will be unable to log in until the specified day/time occurs again.
- Require Multifactor Authentication: Requires users to enable either Shift4 Authenticator or Google Authenticator for their user login.
- This can be set to "Reminder Only" or "Required."
- Once you have set all of your required or optional settings, click Apply at the bottom to save these settings.
Note: After selecting Apply, if a user's password does not meet the current required settings, they will be prompted to change their password to the required details upon their next login.
Comments
0 comments
Please sign in to leave a comment.