RIchard Horton Posted May 18, 2022 Share Posted May 18, 2022 You have a helpful page describing how Hornbill complies with Cyber Essentials. However Cyber Essentials has been updated since the page was last updated. So, request 1 is, can you update this, please. A couple of specifics Multi Factor Authentication should now be available to turn on. Is this available for users of Direct Login (for SSO it is provided by the SSO provider) ? I can't see anything on it in the wiki. There are minimum password rules specified in Cyber Essentials. Where in Admin do you set these (I remember that these were set as part of our implementation, but don't see anything on where you can check/change these) Link to comment Share on other sites More sharing options...
RIchard Horton Posted May 18, 2022 Author Share Posted May 18, 2022 PS I see that your Cyber Essentials certification is due to be renewed next week, so hopefully this is a timely question ! Link to comment Share on other sites More sharing options...
Martyn Houghton Posted May 18, 2022 Share Posted May 18, 2022 @RIchard Horton Password settings are controlled via the Platform > Advanced System Settings. If you filter for security.user.password for Hornbill direct login or security.guest.password for customer portal logins. Cheers Martyn 1 Link to comment Share on other sites More sharing options...
RIchard Horton Posted May 18, 2022 Author Share Posted May 18, 2022 Thanks, Martyn 1 Link to comment Share on other sites More sharing options...
Gerry Posted July 8, 2022 Share Posted July 8, 2022 @RIchard Horton "Multi Factor Authentication should now be available to turn on" This is currently being implemented for both Hornbill User/Basic User Direct Login and Customer Logins, expect this to be available in the next 2-3 weeks. Gerry Link to comment Share on other sites More sharing options...
Gerry Posted July 18, 2022 Share Posted July 18, 2022 First tests on beta, with 2FA working nicely for user logins. (email on left, login page on right after you entered login credentials) Gerry Link to comment Share on other sites More sharing options...
Hornbill Staff DR Posted August 16, 2022 Share Posted August 16, 2022 To conclude the topic of 2FA, this functionality is now available (build 3629 and later).  Link to comment Share on other sites More sharing options...
RIchard Horton Posted August 17, 2022 Author Share Posted August 17, 2022 Thanks Gerry and Dan A question on how this works. Where you use Single Sign On for most users and Direct for some (e.g. Admin), if you choose the Mandatory option for 2FA does it only enforce it for Direct access ? I'm assuming this is likely to be the case as the SSO will (or should) cater for this separately. Before I turn it on, could you confirm whether our SSO use won't be impacted. Richard PS if not there already a wiki article on 2FA would be good (that gets found if you search for MFA !) Link to comment Share on other sites More sharing options...
Gerry Posted August 17, 2022 Share Posted August 17, 2022 @RIchard Horton Yes that is correct, the 2FA is only applied to direct login, not SSO login. If you need 2FA on SSO login, we would assume your identity provider would provide that capability. Gerry 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now