Security Options

Allows WebEOC Nexus users to edit and maintain their own user accounts. If this feature is not enabled, the account name appears as static information in the profile menu and all changes to user accounts must be performed by a system administrator. When enabled, the user account name appears as a link.

See Allow Users to Edit Their Accounts for more information.

Allows users to update their first and last names in Juvare Login Services. This option allows users to modify their names in their profile. If modifying names conflicts with your security implementation, clear this checkbox.

See Allow Users to Edit Their Accounts for more information.

Requires that the password contains at least one uppercase letter, at least one lowercase letter, at least one number, and at least one special character.

Juvare recommends that you enable this feature.

Sets the number of days a password is valid before it expires. When the number of days is exceeded, the user must change their password at their next log in attempt.

Set this number to zero (0) if you do not want passwords to expire.

Juvare recommends that you choose 180 days.

Requires a specified character length for passwords.

Set the character length to zero (0) to remove the character count requirement.

Juvare recommends that you set a minimum password length of 8 characters.

Determines the number of unique new passwords that can be associated with a user account before an old password can be reused.

If enabled, a user cannot repeat a password for the number of times you specify in the Password History field.

Sets the number of unique passwords a user must exhaust before they can repeat a particular password. See Enforce Password History (above).

For example, if Password History is set to 3, the first password may not be reused until three unique passwords have been used.

Sets the number of failed login attempts allowed before an account is locked.

As the administrator, you can log in to WebEOC Nexus to manually unlock a user account.

Set the threshold to zero (0) to allow an unlimited number of login attempts.

Juvare recommends that you set this number to 3.

The built-in WebEOC Nexus administrator account cannot be locked regardless of the threshold value.

Sets the length of time that must elapse before the system processes another login attempt.

See Account Lockout Threshold (above).

Set the duration to zero (0) minutes to lock the account until it is manually unlocked by an administrator.

Juvare recommends that you set the lockout duration to 30 minutes.

Sets the number of days an account can be inactive before it is locked. If a user exceeds the inactive time period, they cannot log in.

Leave this field blank, or set the duration to zero (0), to allow the user account to remain active until the administrator manually disables or deletes the account.

Ensures that the total disk space allotted for data files uploaded into the WebEOC Nexus database is limited to a specific number of megabytes; this includes files and attachments added through the File Library, MapTac, Messages, and status boards.

Juvare recommends that you enable this feature.