Security Settings
Introduction
The Security Settings feature in Gangmates enhances your organization’s security through Multi-Factor Authentication (MFA) and Session Timeout settings. MFA adds an extra layer of protection to user accounts by requiring not only a password but also a second verification method, such as a code from an authenticator app. This reduces the risk of unauthorized access, even if a user’s password is compromised.
What is MFA and Why It Matters?
Multi-Factor Authentication (MFA) is a security process that requires users to provide two forms of verification to access their accounts:
Something you know: Your password.
Something you have: A temporary code from an app like Google Authenticator.
Benefits of MFA:
Enhanced Security: Even if a password is stolen, the second layer of authentication prevents unauthorized access.
Reduced Risk: Protects sensitive company data, payroll records, and user accounts.
Compliance: Meets security standards required for safeguarding financial and personal data.
What is Session Timeout and Why It Matters?
Session Timeout automatically logs users out after a period of inactivity, safeguarding accounts left unattended.
Default Timeout: 60 minutes.
Customizable: Admins can set custom durations.
Step-by-Step Guide: Setting Up MFA
Step 1: Navigate to Security Settings
Go to Security -> Settings from the main menu.
You will land on the Security Settings Page.
Step 2: Configure MFA
Option 1: Enable MFA for All Pages
Under the Require MFA for All Pages dropdown, select Yes.
All users will be required to set up MFA and authenticate at login.
Option 2: Enable MFA for Specific Pages
Set Require MFA for All Pages to No.
Under the Select Pages that Require MFA dropdown:
Choose pages or functions requiring MFA (e.g., /users, /paystubs, /security/settings).
Use CTRL (Windows) or CMD (Mac) to select multiple pages.
Set MFA Timeout: Enter the timeout duration (in minutes) for re-authentication under MFA Timeout (Minutes).
Click Save Settings to apply the changes.
Step 3: User Experience with MFA
Once MFA is configured, users will encounter the following scenarios:
During Login (if MFA is enabled for all pages):
Users log in with their email and password.
They are prompted to set up MFA if they haven’t already enrolled.
When Accessing Specific Pages (if MFA is page-specific):
Users navigate to a protected page (e.g., /paystubs).
They are prompted to complete MFA verification.
How Users Enroll in MFA
Prompted to Enroll: Users will see a screen guiding them to set up MFA.
Download an Authenticator App: Users should install an app like Google Authenticator (recommended) on their mobile device.
Scan the QR Code:
Open the authenticator app.
Scan the QR code displayed on the screen.
Enter the Verification Code:
The app will generate a 6-digit temporary code.
Enter this code into Gangmates to complete enrollment.
Step-by-Step Guide: Configuring Session Timeout
Step 1: Navigate to Security Settings
Go to Security -> Settings.
Step 2: Adjust Session Timeout
Scroll to the Session Timeout section.
Click Edit.
Enter the desired timeout duration (in minutes) under Session Timeout (Minutes).
Click Save Session Settings.
User Experience with Session Timeout
After inactivity, users are automatically logged out based on the configured timeout duration.
Users must reauthenticate to regain access.
Best Practices for Security Settings
MFA Enrollment: Enable MFA for all users to maximize security.
Critical Page Protection: Apply MFA to sensitive areas (/security/settings, /paystubs).
Session Timeout: Set a reasonable timeout to balance security and usability (e.g., 30-60 minutes).
Troubleshooting
MFA Code Not Working:
Solution: Ensure the mobile device's time is synchronized.
User Locked Out (MFA):
Solution: Admins can reset MFA for users via the User Management section.
Session Timeout Issues:
Solution: Ensure the session timeout is configured correctly in Security Settings.
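Why clock synchronization matters for the "MFA Code Not Working" item above, shown as an added example (not Gangmates code): authenticator apps such as Google Authenticator derive the 6-digit code from a shared secret and the current time (TOTP, RFC 6238), so a phone with a drifting clock produces codes the server no longer accepts. The 30-second step, the acceptance window of one step either side, and the function names are assumptions; the key and timestamps are constructed test values.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per code: RFC 6238 default (assumed, not stated by Gangmates)
DIGITS = 6   # matches the 6-digit temporary code described in the enrollment steps


def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, the defaults Google Authenticator uses."""
    counter = struct.pack(">Q", unix_time // STEP)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret: bytes, code: str, server_time: int, window: int = 1) -> bool:
    """Accept a code from the current step or `window` steps either side.

    The window size is an assumption; the page does not document the tolerance.
    """
    return any(
        hmac.compare_digest(totp(secret, server_time + i * STEP), code)
        for i in range(-window, window + 1)
    )


def check_with_skew(secret: bytes, server_time: int, phone_skew: int) -> bool:
    """Simulate a phone whose clock is off by `phone_skew` seconds."""
    code_on_phone = totp(secret, server_time + phone_skew)
    return verify(secret, code_on_phone, server_time)


if __name__ == "__main__":
    secret = b"12345678901234567890"  # constructed sample: RFC 4226/6238 test key
    server_now = 135                  # constructed sample timestamp (seconds)
    for skew in (0, 20, -25, 90, 150):
        outcome = "accepted" if check_with_skew(secret, server_now, skew) else "rejected"
        print(f"phone clock off by {skew:>4}s -> {outcome}")
```

A drift of a few seconds is absorbed by the acceptance window, while a drift of a minute or more causes every code to be rejected until the device clock is corrected.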
Support
For assistance, contact support@gangmates.com. Include details about the MFA configuration or issues encountered.