Modify Staff Security Settings

Log in as an administrator.

1. Choose Administration, then Security.

2. Click Security Settings within the Staff Security Group. To edit security for students or parents, refer to Enable Student and Parent Sign-In.

3. Select from one of the following Staff Privileges:

   • Allow individual and group privileges.

   • Allow group privileges only (Recommended)

4. Choose "Lock Out" Settings.
   This setting helps prevent unauthorized access by brute-force attacks. When users exceed the number of incorrect login attempts, accounts are locked for a specified period. The lockout period doubles for every consecutive unsuccessful login attempt.

5. Select Allow users to reset their own forgotten passwords to allow users with a valid email address to reset their passwords.

6. Select the Minimum Password Size.
   Refer to Security Administrator Best Practices for more information. Password complexity settings do not apply to users within an Active Directory.

7. Set the Number of Days Until Temporary Passwords Expire. This is optional.

8. Set the Number of Days Until Personal Passwords Expire. This is optional.

9. Set the Number of Months to Prevent User from Reusing Passwords. Select N/A if you do not want to restrict users from reusing passwords.
   Password expiry settings do not apply to users within an Active Directory.

10. Specify the Session Timeout Minutes.

11. Choose the appropriate External SSO Staff ID Field.

12. Choose the appropriate OpenID Connect SSO Staff ID Field.

13. Click Accept.