How Can We Make PIMSY Secure?

PIMSY includes system settings which can be used to enhance security within your PIMSY application.

From the top navigation menu, go to:

Administration > System Settings

-1 Login Attempts
- This setting allows you to set the number of login attempts a user gets before their account is suspended. This is a security measure that helps prevent unauthorized access to the system.
-2 Session Lock time in Minutes
- This setting allows the administrator to configure how long the users will remain logged on while they are inactive. This is a security setting to help prevent unauthorized access to the system while users are away at from their computer.
-53 User Password Validation
- This setting allows the administrator to configure the requirements for user's passwords, such as requiring a certain amount of characters, special characters, etc.
-283 User Password Change Months
- This setting allows you to list the specific months for which you want users to change their password. On the first of each of those months, the system will force the user the change their password the next time they log in.
-674 Login - Allow Desktop Application to Remember User Logins
- This setting when True will allow the system to remember users' login username (Not Password) so the next time they open PIMSY they won't have to type it.

-644 PORTAL - Require a Client Email address to go along with all portal logins
- This setting when True will require an email address be entered in on the client's chart when the portal login information is set up. A setting of false will bypass this requirement. Email addresses are useful if the client forgets their password.
-661 Client Portal Password Validation
- This setting allows administrators to set up password validation using regular expressions for the Client logins on the Client portal.
-678 Client Portal Password Expiration in Days
- This setting sets how long a client portal password remains valid, starting from the time you send the initial credential email. This system will remove the password from the portal login upon this expiring, and a new password must be generated.
-687 Client Portal Login Format when Email is sent
- This setting will automatically generate and save a client login username based on the shown format templates in the setting description.

-794 MFA - Enrolled - Staff
- This setting when True will allow the system to send Multi Factor Authentication messages to Staff. Messaging rates will apply. Staff will need an email address or cell phone number on file for setting to be effective.
-797 MFA - Interval in Days
- This setting will determine how long a login is good for before it needs to be validated via MFA.
-863 MFA - Restrict Options
- This setting allows you to set which options are available (email or text) for use. Use ALL, SMSONLY, EMAILONLY

-92 Prohibit users from viewing clients assigned to other locations
- This setting filters out the clients on a variety of screens where the default location on the client does not match a location the user is assigned to. Users are assigned to locations via user groups. This setting will even affect users whose profile is set as a Client Admin.
-95 Prohibit users from viewing clients assigned to other divisions
- This setting filters out the clients on a variety of screens where the default division on the client does not match a division the user is assigned to. Users are assigned to divisions via user groups. This setting will even affect users whose profile is set as a Client Admin.
-106 Prohibit All uses from seeing user pay information in the SAL Multi-User screen
- This setting when set to True hides the user payroll columns in the SAL Multi-User screen from all users in the system.

Related to

Search