Configuring User Experience

Overview

The User Experience page is a part of general application configuration that focuses on tailoring the interaction between users and Secret Server. It encompasses settings that define how users engage with the system, ensuring that their experience is both efficient and secure.

Key aspects of the User Experience page include:

  • Performance and Responsiveness: Settings like Search delay and inactivity timeouts are configured to optimize the application's responsiveness and ensure that users receive timely feedback, while maintaining security through automatic log-outs after periods of inactivity.

  • Localization and Formatting: By setting the time zone, date, and time formats, the application can present information in a way that aligns with the user's regional preferences, enhancing usability and reducing confusion.

  • Security and Compliance: Options such as requiring folders for secrets and managing password history, are designed to enforce security policies and compliance requirements, ensuring that sensitive information is handled appropriately.

  • User Roles and Permissions: The default role for new users and language settings help streamline the onboarding process and ensure that users have the appropriate access and interface language from the start.

The User Experience page is designed to create a seamless, intuitive, and secure environment for users, balancing ease of use with necessary security measures.

Settings

To configure User Experience settings, search for User Experience, and click Edit. The following settings are available for configuration:

  • Search delay: Sets the number of milliseconds a search waits after a user stops typing.

  • Force inactivity timeout: Sets a time limit on idle sessions. Once a session expires, the user must log in again with their username and password.

  • Force inactivity timeout minutes: Sets the inactivity time limit on idle sessions.

  • UI inactivity timeout: Sets time in minutes. After this time elapses, the new UI will show an overlay to indicate that it has stopped making server calls and refreshing data. This is to limit workload for browsers tabs that are not active.

  • Time Zone: Select the appropriate time zone from the drop-down. The server will run schedules and show dates in this timezone by default.

  • Default date format: Select the related date format from the drop-down. All dates will render in this format unless a user preference overrides it.

  • Default time format: Select the related time format from the drop-down. All times will render in this format unless a user preference overrides it.

  • Require Folder For Secrets: Select this checkbox to require that all secrets to reside in a folder. Folders can be designated per secret on the All Secrets page.

  • All Secret Password History: Select this checkbox to prevent users from reusing old passwords. When using the change password or bulk change password action, this will enforce that no passwords will be able to be reused for the password change on a secret.

  • Secret Password History: Sets the number of secret password changes. When using the change password or bulk change password action this will enforce uniqueness across a specific number of password changes.

  • Secret Password Displayed Interval Minutes: Sets the interval in minutes which must pass between audit entries, when a secret password is viewed. If set to 0, every secret display event is audited (no debounce). The default value is 5 minutes.

  • Secret View Interval Minutes: This setting controls the minimum time between "View" audits. It acts like a debounce (rate-limiting) mechanism, with the default time being 5 minutes.

  • Secret Comment Interval Minutes: The number of minutes for which a secret can be viewed after entering a comment. Applies only when "Requires Comment" is enabled, and has a default range of 5 minutes.

  • Include Session Info on Each Audit: If a secret has the require comment checkbox enabled, the ticket number will be applied to every audit on the secret during that session.

  • Password mask timeout (seconds): Sets the seconds before the password mask returns after viewing the password. After this time period has elapsed, a password field will hide this password and remove it from browser memory. Viewing the password again after this time period will require a request for the password from the server. Setting this to 0 will disable the feature.

  • Separate secret audit for comment: When this checkbox is selected, a secret that requires a comment will have a separate audit event instead of combining Comment and View. View will only occur if a user views the secret.

  • Separate checkout and comment action: When this checkbox is selected, the inline action menu on the secret grid will show both checkout and comment instead of combining them.

  • Checkout notification threshold: Sets the percentage of time-elapsed since a secret was checked out, for when the checkout notification will be sent. If set to 0 the feature is disabled.

  • Enable Secret Check Out Extension: Select this checkbox to allow users to extend the remaining check-out time for secrets.

  • Enable icon gathering: Select this checkbox to enable downloading of favicons for secret URL values.

  • Show icons for secrets: Select this checkbox to enable the display of icons for secrets in the secret list and the secret details page.

  • Application Language: Select the default language for users from the drop-down.

  • Default New User Role: Select the related role from the drop-down. All new users will be given the selected role, if any, in addition to inheriting roles from any groups they are in.

  • Disable legacy bookmark pages: Select this checkbox to allow customers to choose whether legacy bookmark pages are disabled (made invisible) or not. The option is activated by default, marking these pages as disabled.

    This option can be toggled to view those bookmark pages that are used by legacy versions of Web Password Filler.

  • Enable request force checkout: Select this checkbox to enable a user without force-checkout permission to request a force checkout of a secret.

When done, click Save.