A new section devoted to security enhancements has been added under the "Settings / Configuration" area. These optional features are often restricted to administrators of your CMS; if you have questions about them, feel free to reach out to Crownpeak support.
- Disable User Account - An administrator can choose how many times a user can attempt to login, but fail. After the chosen amount, the user will be locked out and the account disabled temporarily. An administrator will need to re-enable the account and will be notified via an email alert; the email account used is on file under the Configure / General area of the Settings section.
- Login Settings for User Accounts - an option for restricting users from logging into the CMS during a specified amount of time. The period of time is configurable. Users who try to access the CMS between the restricted time range will be notified clearly on the login screen.
- User Account Inactivity - ability to force a logout of the application is a user is idle. The amount of time idle before forcing a logout is configurable. The user will be warned 1 minute prior to the logout event. If they do not remain active, they will be logged out and have to sign back in.