User Passwords & Multi-Factor Authentication

Managing Passwords and Multi-Factor Authentication for InsightCloudSec

This section of the documentation includes details about managing passwords for access to InsightCloudSec. Note that this does not apply passwords and password requirements related to individual Cloud Service Providers.

Password Requirements

InsightCloudSec enforces the following password requirements:

A minimum of 12 characters to include: one special character, one uppercase character, one lowercase character, and one number.

Resetting Passwords

🚧

No SMTP Configured

For users with no SMTP configuration, a password reset will require an administrator to manually reset the password with a temporary password. The email notification capability is not available.

Forgotten Password

A password reset can be requested by the user through the "forgot password" link located on the InsightCloudSec sign-in form. Clicking this link triggers an email that will enable a user to reset their password. This option is available to new users as well as existing users.

In-App Password Reset

A user can change their password by navigating to their profile, confirming their existing password, and then creating a new password.

Admin Password Reset Request (SMTP)

A Domain Admin can select a specific user and generate an email that prompts the target user to reset their password.

  • From the main navigation menu, select "Administration --> Identity Management" and select the Users tab. Locate the user whose password you’d like to reset.
  • Click the action icon to the left of their name and select "Reset Password" to generate a password reset email.

Note: If a user attempts to login with expired credentials (e.g., using the previously active/correct password) after their Domain Admin has triggered the reset email, they will also be automatically redirected to the password reset function.

📘

Email - Password Links

Any links received via email to reset a user's password are valid for 1 hour. After 1 hour a new email and link will have to be requested/generated.

Domain Administrator Password Reset (generates an email to the user)Domain Administrator Password Reset (generates an email to the user)

Domain Administrator Password Reset (generates an email to the user)

Admin Password Reset Request (No SMTP) - A Domain Admin can select a specific user and generate a temporary password to share with the user manually.

  • From the main navigation menu, select “Identity Management", select "Users”, and find the user whose password you’d like to reset.
  • Click the action icon to the left of their name and select Reset Password; confirm to generate the temporary credentials.
  • Share these credentials with the target user; when they log in, the system will prompt them to update their password.

Note: If a user attempts to login with expired credentials (e.g., using the previously active/correct password) after their Domain Admin has triggered the reset, they will also be automatically redirected to reach back out to the administrator.

Admin Password Reset with Non-SMTP SetupAdmin Password Reset with Non-SMTP Setup

Admin Password Reset with Non-SMTP Setup

Multi-Factor Authentication

Multi-factor authentication (MFA)--also known as two-factor authentication (2FA or TFA)--enhances security by verifying a user's identity using multiple methods of authentication from independent categories of credentials.

To set up a user for MFA in InsightCloudSec, an Admin will need to do the following:

1. From the Administration Icon (gear) "Administration --> Identity Management", select the Actions menu for the user you want to assign MFA.

2. Select "Require MFA for User" for the target user.

Enabling MFA for a UserEnabling MFA for a User

Enabling MFA for a User

  1. Select "Confirm" on the dialog.

The next time a user attempts to log in, they will be prompted to set up MFA.

❗️

Save the OTP Authentication Key - This token only displays once

  1. Users will need to download Google Authenticator for iOS or Android, as appropriate.

Did this page help you?