Signed in as:
filler@godaddy.com
Program Level Security - Encrypted Data
Security Features
Security Tables Encrypted
Security Tables Encrypted
- The user logs in using a user name and password. However individual customers have individual requirements that can vary enormously from one customer to another. In addition the platform being used (desktop or web) may have special requirements that need to be supported.
- To make logins as powerful, safe, and as feature-rich as possible - while at the same time making them easy enough to setup and use by mere humans has been a challenge. The result though is the most comprehensive login system available for Dex. All facets of the login system can be controlled at runtime so each customer can configure it to their own needs and policies.
Security Tables Encrypted
Security Tables Encrypted
Security Tables Encrypted
- All sensitive information in the data tables are stored encrypted and cannot be altered (or deciphered) by unauthorized programs.
- Unencrypted fields are tamper resistant - editing them in an external program will make the data unusable.
- User data is stored encrypted, in conformance with various privacy laws.
Security Standard Features
These features include:
- No logins at all - Users can choose to make the system loginless.
- Passwords are stored as Salted-Hashed values, not as encrypted text, in accordance with all current best practices.
- Second Factor Authentication using SMS or Email with Customer Defined Policies. When to require the second factor is a crucial element here, with options including every time, only on new devices, or on a time-based system.
- Active Directory support for those customers with an Active Directory server. This allows for password, or password-less logins against an Active Directory server, and also an optional In-Group setting on the server. This gives Active Directory Administrators complete control over who can use the program.
- Guest Logins (with pre-defined guest accounts) can be added. These have a user name, but no password, and usually have limited program access rights.
- Customer-defined password policies allow each customer to determine the password requirements for their users. Interesting options here include the prevention of password-reuse, and also the unacceptance of passwords that are commonly used by people. (So no 1234 or password weak passwords.)
- Customer-defined Lockout policies allow the user to determine when a user account will be locked (and for how long it will be locked) if multiple incorrect passwords are entered.
- Password Resets via SMS or Email
- Users can create new accounts (ie self sign-up) and be given default access rights.
- multi-tenant support with either unique-user or company/user logins.