How to Improve Globalscape EFT User Security
By John Wallace | Jul 26, 2022 |
In this top tip, one of our Globalscape EFT experts, John Wallace will be looking at Globalscape EFT authentication and how to make your site secure.
With Cyber Attacks on the rise, you can never have enough security on your site. Globalscape EFT Server comes packed with many features to enable you to lock down your site and by default the settings will give you a secure system. However, it's still a good idea to review your settings in Globalscape EFT to enable the additional features for robust security.
There are other methods for accessing the EFT site using AD, LDAP, RADIUS and SAML, but we will be looking at Globalscape EFT authentication and how to enable some of the extra features to improve the security of your site.
Globalscape Authentication
Strong passwords are often turned on by default, however, these are most likely to be set to a low level of complexity. This leaves the risk that these passwords will not meet audit and compliance standards. Follow this short guide on how to improve your password security.
To improve your password security - select your site and click on the security tab.
The first thing to do is to enable the ‘Enforce strong passwords’ tab and then open the Configure tab and set your password complexity (you may have company standards you need to adhere to so follow those rules). Ideally have a minimum password of 12 characters with a mixture of Upper/Lowercase letters, numbers and special characters.
Next look at the ‘Allows user to reset their password’ section, check this option and then the option which asks user to change their password at first login. Then set the password expiration for the account.
Next select and check ‘Prohibit reuse of previous passwords’ and set it to 6.
Set ‘Enable option to e-mail users their login credentials’ to ‘e-mail the username and password in separate emails’.
And to finish off enable the ‘Disable’ account after in-active (there may be a company policy for this), if not set appropriately, but suggest no more than 90 days.
And that's how you improve password security to your Globalscape EFT Server. If you would like to know more about how to keep your site secure, please get in touch with our Globalscape EFT experts.