In today’s increasingly digital world, ensuring the security of user accounts is a top priority. To help safeguard your business and users, eformsign offers several key features designed to enhance account security. Let’s explore three important eformsign security features: Lock Inactive Accounts, Disable Multiple Logins, and Email Notification at Login.
1: Lock Inactive Accounts
Inactive accounts present a significant security risk as they can be easily exploited by attackers. eformsign addresses this concern with its Lock Inactive Accounts feature, which automatically locks user accounts after a set period of inactivity. This reduces the potential for unauthorized access.
Why locking inactive accounts is important
Inactive accounts are an easy target for cyberattacks. By locking accounts that have not been used for a specified time, eformsign helps prevent hackers from accessing your system through these vulnerabilities.
How to use the feature
When an account is locked, members who wish to regain access to eformsign must request their company administrator unlock it. This feature can be enabled by the company administrator by navigating to the Manage company > Security settings > Login settings menu and toggling on Disable multiple logins. Once enabled, the system will automatically lock accounts after a chosen period of inactivity, which can be set between 7 to 365 days. You can set the inactive period by clicking Change, setting the inactive period in units of days, and clicking the Save button.
Unlocking accounts
If an account is locked, the member must request the company administrator to unlock it. The company administrator can easily unlock accounts by navigating to the Manage members page, and then clicking the Unlock locked account button next to the desired member.
2: Disable Multiple Logins
Controlling how users access their accounts is crucial to maintaining security. The Disable Multiple Logins feature ensures that only one active session is allowed per user, reducing the risk of unauthorized access from multiple devices.
Why restricting multiple logins matters
Allowing multiple logins from the same account can be risky, especially if users forget to log out on shared or public devices. With this feature enabled, only the most recent login session remains active, while previous sessions are automatically logged out.
How to use the feature
The company administrator can enable this feature by navigating to the Manage company > Security settings > Login settings menu and then toggling on Disable multiple logins. Once enabled, it ensures that any older sessions are immediately terminated when a user logs in from a new device or browser.
Additional Settings: Auto logout time and Auto logout warning
You can set an Auto logout time by clicking Change next to Auto logout time and setting the time in minutes This automatically logs users out after a period of inactivity (from 10 minutes to 24 hours).
You can also set an Auto logout warning by clicking Change next to Auto logout warning and setting the time in seconds from 30 to 300 seconds. This alerts users for a specified time before their session is due to expire, allowing them to stay logged in if they are still active.
3: Email Notification at Login
Keeping users informed of account activity is another critical component of security. The Email Notification at Login feature sends a notification to users’ email addresses each time they log in, providing an extra layer of transparency and protection.
Why sending notications at login matters
Hackers can sometimes access accounts without users knowing. Without login notifications, you may miss unauthorized activity. Enabling these notifications alerts you immediately when someone logs into your account, allowing you to take swift action like changing your password.
How to use the feature
Users can enable this feature by navigating to the My profile > Personal > Security page in the sidebar and toggling on Send an email notification when you log in.
Every time members log in, they will receive an email with the following information:
- Member name and email
- Logged in date and time
- Accessed from (device or browser)
- IP address
This allows users to stay informed about their account activity and detect any suspicious logins.