User Login Settings

Secret Server users can be set up with many different login requirements. For example, you can force strong Login passwords by requiring a minimum length and the use of various character sets.

The following settings are available under Admin > Login settings:

"Allow Autocomplete" is now permanently on.
  • Allow Remember Me: This option enables the Remember Me checkbox on the Login screen. When a user chooses to use remember me, an encrypted cookie is set in their browser. This enables the user to revisit Secret Server without the need to log in. This cookie is no longer be valid when the remember me period has expired. They then have to enter their login information again. This option allows users to remain logged in for up to a specific period (specified in the "Remember Me Is Valid for" setting mentioned below). This option can be a security concern as it does not require re-entry of credentials to gain access to Secret Server.
"Remember me" is only visible if the "Allow Remember Me" setting is enabled. This is the period that the remember me cookie mentioned above is valid. For example: if set to one day, then users taking advantage of "remember me" have to log in at least once a day. To set a time value (minutes, hours, or days), uncheck the Unlimited checkbox.

  • Remember me is unlimited: Allows to set Remember me for the unlimited time.

  • Cache AD credentials for when engines are offline: Allows cached credentials to be used when Distributed Engine is unable to connect to Active Directory.

  • Default login domain: Select the related default login domain from the dropdown.

  • Enable domain selector: Display the domain selector at login - select Show Domain Label, Show Domain Dropdown, or Hide Domain Information.

  • Enable login failure CAPTCHA: When this option is on, the user will only have to complete a CAPTCHA if their login credentials are entered incorrectly a certain number of times.

  • Maximum login failures before CAPTCHA: The number of login failures before CAPTCHA.

  • Maximum Concurrent Logins Per User: This setting allows a user to log into Secret Server from multiple locations at once without logging out their sessions at other locations.

  • Maximum Login Failures: Set the number of login attempts allowed before a user is locked out of their account. Once locked out, they need a Secret Server administrator to reset their password and enable their account. For details on how to reset a locked account, see Creating Users.

  • User lockout time (minutes): Number of minutes a User will be locked out for.

  • Visual Encrypted Keyboard Enabled: This setting enables a visual keyboard for logins.

  • Visual Encrypted Keyboard Required: This setting requires a visual keyboard for logins.