This article mentions what you can do on the "Security" page of Team admin.
This function is available on Enterprise plan.
・ What's Security function?
・ Password policy
・ Login notification
・ Account lockout
・ Reset member's password
・ Login history
・ Security policy on Unipos
▼What's Security function?
- Password Policy
You can set details for passwords such as the length, complexity, restrictions on using past passwords, and expiration.
See also: Setting Password Policy - Password Resetting (Admin only)
See also: Reset Members' Passwords
- Account Lockout
Account lockout can be activated when a user fails to login consecutively. Account can be locked for a designated period of time or the user must reset the password in order to log in again.
See also: Lock an Account After Consecutive Login Failure
- Login Notification
When a user logs in to Unipos, they can receive a notification e-mail.
See also: Set Up Login Notification E-mail
- Login History
The login data for the past 180 days can be searched and displayed.
Info we can display: Date and time, e-mail address, login results (successful/unsuccessful), device information (OS: browser), and IP address
See also: Check Login History
- Session Timeout
When a user is idle for a certain period of time, the session can be terminated.
See also: Set Up Session Timeout
▼Password policy
>Click "Team Admin" in the sidebar on the left.
>Click "Security" in the sidebar on the left.
>Click "Security Settings."
>"Password policy."
You can set up a password policy to enhance security by editing conditions for password history, number of letters, letters to use, etc. Please see below for details.
▽Password policy you can edit:
・Minimum number of letters for password (8 letters and up)
(The default setting is 8 letters.)
・Restrictions on password letters
You can choose the conditions on password letters from below:
- No restrictions
- Include half-width alphanumeric letters.
- Include half-width alphanumeric letters, upper-case letters, and lower-case letters.
- Include half-width alphanumeric letters and signs.
- Include half-width alphanumeric letters, upper-case letters, lower-case letters, and signs.
・Restrictions on using past passwords
You can choose whether users are allowed to reuse their past passwords.
Example) If you set "1 generation", users can't reuse their previous password but can reuse any passwords older than that.
・Password expiration
You can set up expiration period for users' passwords.
Example) If you set "90 days", passwords will be expired 90 days after registration and will need resetting.
▼Login notification
>Click "Team Admin" in the sidebar on the left.
>Click "Security" in the sidebar on the left.
>Click "Security Settings."
>"Login notification."
Users can receive a login notification when they login to Unipos. This will allow users to identify unauthorized login by third parties in a timely manner.
▼Account lockout
>Click "Team Admin" in the sidebar on the left.
>Click "Security" in the sidebar on the left.
>Click "Security Settings."
>"Account lockout."
This function is available to protect accounts from attackers' attempts to guess users' passwords. If login attempts keep falling through after a certain number of times, the account will be locked for a designated period of time.
This is applicable when users themselves fail to enter their correct user name and password.
▽What you can modify
・Number of Login Failures
The number of login failures allowed before the account is locked. Leave blank to disable it.
・Account Lockout Time
The length of time before the account lockout is cancelled. Leave blank to disable it.
▽When an account is locked...
・The account can't be accessed even when the correct password is entered.
(Account lockout won't be notified on the login screen.)
・An e-mail will be sent to the entered e-mail address to notify that there may have been unauthorized login attempts.
※If you need to use the locked account right away, please reset your password here or request the admin to reset your password.
▼Reset member's password
Use this function when:
- You want to protect an account.
- You want to unlock an account.
- You want to reset a password for a user who has forgotten their password.
▽How to set up ※You can't reset all members passwords at once.
> Click "Team Admin" in the sidebar on the left.
> Click "Member" in the sidebar on the left.
> Choose a member you want to reset the password for.
> Click "Reset Password."
> Click "Reset."
The member will receive an e-mail to reset the password.
▼Login History
>Click "Team Admin" in the sidebar on the left.
>Click "Security" in the sidebar on the left.
>Click "Login History."
The system admin can monitor the history of login attempts in Unipos for the last 180 days.
▽The following information will be displayed:
・Date and time(The data and time is based on the team's registered time zone.)
・E-mail address used for login ※
・OS/browser information
・IP address
※You can search by e-mail address only. (Your input must exactly match the registered e-mail address.)
If you leave the e-mail address field blank, you can see the login history for all accounts.
▼Security policy on Unipos
Transmission encryption All transmission is encrypted with SSL/TLS.
Database encryption
All of our data stored by our members are valuable. Our data is saved in the encrypted database.
Reliable data center
Google has proven performance and excellent reliability.
We proudly use Google Cloud Platform:
https://unipossupport.zendesk.com/knowledge/articles/360031102672/ja?brand_id=360002333191
Cleared vulnerability assessment based on international security standard
Unipos has cleared a vulnerability assessment performed by a third-party organization. The assessment was based on ASVS 3.0 Level 1, which is an international diagnostic standard for software systems.
Secure information management
Unipos has obtained international security standard, ISO27001 (ISMS). We continue to strive for secure information management through third-party security audit.
See more details here.
All stored information, such as posted content and personal information, is encrypted and stored.