SessionLimit v2
  • Infrastructure Documents
  • Overview
    • What is SessionLimit
    • FAQs
    • Road Map
    • Licensing
  • Planning
    • POC Requirements
    • Supported Configurations
    • Windows Server Requirements
    • SQL Server Requirements
    • Other Requirements
    • Network Considerations
    • Design
      • 2Factor VPN Design
      • 2Factor for OWA Access
      • 2Factor for Company Resources
  • Deployment
    • GMSA Account for Application Pool
    • DNS Service Record for Agent Autodiscovery
    • Installing Microsoft SQL Server
    • Internet Information Service Installation
    • .NET Core 8.0 Download and Install
    • .Net Framework 4.7.2 Download and Install
    • HTTPS Certificate
    • Installing SessionLimit 2.1
    • Upgrading SessionLimit
      • Upgrading SessionLimit 2.0.12 to 2.0.13
      • Upgrading SessionLimit 2.0.13 to 2.0.14
      • Upgrading SessionLimit to 2.0.15
      • Upgrading SessionLimit to 2.0.16
      • Upgrading SessionLimit to 2.0.17
      • Upgrading SessionLimit to 2.0.18
      • Upgrading SessionLimit to 2.1.0
      • Upgrading SessionLimit to 2.1.2
      • Upgrading SessionLimit to 2.1.3
      • Upgrading SessionLimit to 2.1.4
    • First Time Wizard
    • Agent Deployment
  • Managing
    • Logging to SessionLimit 2.0
    • Dashboard (Home)
      • General Dashboard
      • My Dashboard
      • Agents Dashboard
    • Policy
      • Session Protection Policy
      • 2FA Policy
    • Limitations
    • Endpoint Management
      • Users
      • Computers
    • Settings
      • General
        • Server Settings
        • LDAP Settings
        • Notification Settings
          • General Notification
          • E-Mail
          • SMS
        • Syslog Settings
        • Syslog Message Settings
      • Advanced Settings
      • 2FA
      • Agent
    • Events
    • Reports
    • Role Management
    • License Management
      • Online License
    • Syslog
      • Logon Operations
  • Agent
    • Session Control
    • 2FA
  • Tips&Tricks
    • SQL Express Usage
    • Fixing 500.19 web.config error
    • Enable HTTPS Redirection in IIS with HSTS
    • Using GMSA Account in Application Pool
    • Give Database Access for GMSA Account
    • What are the SessionLimit protection states?
    • Securing Windows Server
    • How to Create Custom Protected Attribute in Active Directory
Powered by GitBook
On this page
  • Portal 2FA Settings
  • Users can use SMS for 2FA at login to the portal
  • Users can use Authenticator for 2FA at login to the portal.
  • Captcha Is Enabled
  • Failed Attempt
  • SMS Text Settings
  1. Managing
  2. Settings

2FA

Scope: SessionLimit 2.0

PreviousAdvanced SettingsNextAgent

Last updated 5 months ago

Portal 2FA Settings

SessionLimit is used to secure entries to the portal screen.

Users can use SMS for 2FA at login to the portal

Users are forced to use SMS when entering the Portal. The attribute from which the user's mobile phone number will be read must be selected in the LDAP settings and the mobile phone number must be written in this attribute. Otherwise he cannot log in.

Users can use Authenticator for 2FA at login to the portal.

When entering the Portal, users are forced to enter with the Authenticator software installed on their mobile phone. The user must definitely set the Authenticator setting. Otherwise he cannot log in.

Captcha Is Enabled

It is a security measure used to prevent the username and password from being repeatedly tried when logging in. Works with Failed Attempt. After the number of incorrect entries specified in this field, a captcha appears on the screen and the login process cannot be successful unless this captcha is entered correctly.

Failed Attempt

It is a setting used when Captcha is turned on. It allows captcha to be displayed on the screen after the number of incorrect entries specified in this field.

A minimum of 3 and a maximum of 10 can be entered in this field. The default value is 3.

SMS Text Settings

You can determine the format of the SMS that will be sent to the user during 2FA transactions via SMS in both the calendar and the portal. There is a total limit of 160 characters. This length will necessarily decrease when special characters are used. You must send the OTP code to the user with special code blocks in the SMS.

<@REF> This is a code used to verify that users' incoming SMS was actually sent via SessionLimit. It is produced specifically for SMS and a different reference number is generated each time an SMS is sent. It is recommended to be included in the message. This information is also displayed on Portal and Agent entries.

<@OTP> is the verification code to be used in 2-way verification. It is a 6 digit number. You can log in to the system using this code. If this field is not sent in the message content, users cannot log in to the system because they will not know the code.