Security Preferences

Security Preferences

As an admin-level user, there are three important settings you can use to tighten the security requirements on your account.

You can:

  • Disable unencrypted access to your account.
  • Require strong passwords for your users.
  • Only allow logins from a specific set of IP address ranges.

Secure Only Mode

Show Me
Enabling secure connections in SWFT

The secure only mode for your account disables connections through traditional FTP. Your users will still be able to connect through SFTP and the ExaVault web interface, which uses HTTPS. This setting makes sure that all data transfers are encrypted.

This setting applies to all of your users; there is no way to require only one user to always connect through a secure method.

To enable secure connections only:

  1. Log in as an admin user in ExaVault web interface.
  2. Click the My Account button on the main toolbar.
  3. Stay on the PREFERENCES tab.
  4. Scroll down to the Increased Security Options section.
  5. Check the box next Enable secure only mode – only allow connections via SFTP and HTTPS.
  6. Click the SAVE CHANGES button at the bottom of the screen.

Your settings will take effect immediately. If you have just turned the setting on, users already connected through FTP will not be disconnected, but they will no longer be able to transfer files.

Complex Passwords

Show Me
Enabling complex passwords in SWFT

By setting the option to enforce complex passwords, you require any new passwords for your users to follow these rules:

  • The password must be at least 8 characters long
  • The password must contain at least 1 uppercase letter
  • The password must contain at least 1 lowercase letter
  • The password must contain at least 1 number (0 through 9)

To update your setting:

  1. Log in as an admin user in ExaVault file manager.
  2. Click the My Account button on the main toolbar.
  3. Stay on the PREFERENCES tab.
  4. Scroll down to the Increased Security Options section.
  5. Check or uncheck the box to change the requirement for Enforce complex passwords.
  6. Click the SAVE CHANGES button at the bottom of the screen.

Turning the setting for complex passwords on will not “expire” or invalidate any existing users' passwords. The setting only applies when a user's password is updated or when a new user is created.

Allowable IP Ranges

Show Me
Setting allowable IP ranges in SWFT

If you need to make sure that people are only accessing your account from specific locations, you can define allowable IP address ranges. If IP ranges are defined, when a user tries to log in, their current IP address will be checked against the list of allowed IP address ranges. If the user's IP address is not in the range, the user will be unable to connect to your ExaVault account. Remember that:

  1. All traffic from the IP address is blocked if it's not in the whitelist (both FTP and HTTPS)
  2. The settings are account wide and not per-user. If there are any addresses listed, all addresses connecting to the account will be checked against the list.

To update your allowable IP address ranges:

  1. Log in as an admin user in ExaVault file manager.
  2. Click the My Account button on the main toolbar.
  3. Stay on the PREFERENCES button.
  4. Scroll down to the Restrict Access By IP Range section.
  5. Click the ADD RANGE button to add a new set of IP addresses.
  6. Enter a beginning allowable IP address range and an ending allowable IP range.
  7. Continue clicking the ADD RANGE button to add additional ranges.
  8. Scroll to the bottom of the page and click the SAVE CHANGES button to finalize the changes.

You can always go back and edit the allowable ranges to remove IP addresses that should no longer have access or to add new ranges to the list.

  • To remove a previously allowed IP address just, just click the trashcan button to the right of the listed IP address range.
  • To add a single IP address to the list of allowed ranges, use the address as both the starting and ending address in the allowable range.

Did you find an issue with this article? Let us know!

account/09-settings/02-account-security.txt · Last modified 2019/07/11 11:50 (external edit)