How To Manage Security Settings

This video tutorial covers security settings.

Topics covered in this tutorial:


Tutorial Video Transcript

Hello and welcome to MIDAS tutorials.

In this tutorial I'm going to show you how you can manage security settings within the system.

You can access these by going to MIDAS Admin Options, selecting "Manage MIDAS" from the drop-down, and the "Security" tab.

And you'll see there's a section here for password settings.

So you can specify a minimum password length for all user passwords.

You can also force password expiry on a recurring interval.

This isn't something we recommend as evidence shows that forcing users to change their passwords causes them to choose less secure ones.

However this setting is included for legacy reasons, because we are aware that a number of organizations still have a policy that they require regular password expiries.

The ability to "Offer to save credentials" - this controls the "Remember Me" tick box the users see on their login screen.

So you can disable this, or make it unselected, or selected by default.

You can also change how long reset links for passwords are valid for.

So if a user's forgotten their password and triggers a reset email containing a link to reset their password, this setting allows you to specify how long those links remain valid for.

You can also enable two-factor authentication, which means that whenever users try to log in with their email address and password, MIDAS will send them a six digit code to their email address that they also need to enter in order to complete their login.

A demonstration of how this words can be seen in one of our other video tutorials covering logging in.

Below this is a section on session control.

So for added security you can have MIDAS automatically log out users if they've been idle after a period of time.

You can also specify an absolute logout to prevent users being logged in longer than your workday.

If your MIDAS is licensed for more than one user account, you'll also have an option to allow multiple logins by users.

When enabled this means that each user account can be logged in from multiple devices, locations, or browsers concurrently.

If you uncheck this option then each user account may only be logged in from one device at a time.

So for example with this unselected, if I log in on my Mac and then try and log in on my PC, it will automatically log out my MIDAS session on my Mac.

The final setting in the session control is the maximum number of invalid login attempts you wish to allow.

If someone attempts to log into a user account more than this value, the account will automatically be suspended and the user account in question will be emailed a link to regain access to their account.

On the right-hand side, the "Allowed IP Range" allows you to limit the IP address or addresses they may access your MIDAS system.

Below that is a setting as to whether you allow SSL connections to your server. We don't recommend you disable this, and we advise that this is either "Enabled" or "Forced".

If set to "Forced", then any attempts to access over HTTP will automatically be redirected to HTTPS.

And finally there's an option to perform a "Security Audit".

Now when you click this, MIDAS will run through a series of checks on your server and file permissions, and generate a number of advisories for you to action.

Thanks for watching and be sure to check out our other video tutorials online.

We also have a Knowledge Base article with some useful tips for keeping your MIDAS system secure, which I'd highly recommend that you check out.


Related Tutorials
How To Reset Your Password01:28
How To Customize Templates06:06
How To Login & Out03:43
How To Control & Customize Booking Fields05:56
How To Manage Appearance Settings01:40
How To Add, Modify, Or Remove A Booking Type02:40
How To Manage Invoice Settings05:38
How To Manage Email Settings02:27
How To Manage Public Settings05:41
How To Manage Safety Settings02:42
How To Manage Your Sessions01:48
How To Change Your Password01:03
How To Manage Database Settings02:45
How To Manage Scheduled Tasks02:28
How To Suspend A User Account00:55
How To Manage Print Settings01:53

Help Documentation

Subscribe to our YouTube channel