You can set the password level and the maximum password age. You can also set the maximum invalid attempts and the maximum password change limit.
| 1) | Click Settings > SECURITY. |
| 2) | Edit the necessary items. |
|
|
|
Password Level
|
Set the policy for the password complexity for BioStar 2 login.
| ▪ | Low: You can enter up to 32 characters. |
| ▪ | Medium: You must combine 8 to 32 alphabetic characters (uppercase or lowercase), and numbers. |
| ▪ | Strong: You must combine 10 to 32 alphabetic characters (uppercase and lowercase, at least one alphabetic capital), numbers, and symbols. |
 Note
| ▪ | If Cloud Use set to Use, you can only use Medium or Strong. |
|
Maximum Password Age
|
You can set the period for which you want to use the password. If the Maximum Password Age is exceeded, a password change request message is displayed at login.
Note
| ▪ | You can set the Maximum Password Age from 1 day to 180 days. |
|
Maximum Invalid Attempts
|
You can set the Maximum Invalid Attempts and the time limit. If you enter the wrong password more than the set number of times, you will not be able to log in for the time limit.
|
Maximum Password Change Limit
|
You can set the Maximum Password Change Limit.
Note
| ▪ | You can set the Maximum Password Change Limit up to 10 times. |
|
|
|
|
|
Encrypt Personal Data on Database
|
When Use is set for Encrypt Personal Data on Database, all sensitive data including credential data and personal information will be stored in the database as encrypted. If this option is set as Not Use, the encrypted data will be decrypted and the user's personal information will be stored in an unencrypted state.
Note
| ▪ | Items to be encrypted when using Encrypt Personal Data on Database are as follows.
- Profile image
- User ID
- Name
- Phone number
- User IP
- Email information for sender ans recipients
- Login ID
- Login password
- Face template
- Fingerprint template
- Card ID
- Smart card layout key
- Custom information for user and visitor
- Image log files |
| ▪ | Do not force start the server while encrypting personal data on the database. Errors such as failure to log in to BioStar 2 may occur. |
|
Personal Data Encryption Key
|
You can set the personal data encryption key. Click Change and set a new encryption key. If changing the encryption key, the existing data will be re-encrypted.
Note
| ▪ | You can enter the encryption key with 32 characters using letters, numbers, and symbols. |
|
Secure communication with device
|
The communication between BioStar 2 and a device can be protected using a certificate.
When Use is set for Secure communication with device, BioStar 2 creates and sends a certificate to the device. The device can use a secure channel for exchanging data with BioStar 2 using this certificate. In order to use an external certificate, Root certificate, Public key certificate, and Private key files must be uploaded.
If Device Hashkey Management set to Use, you can set a new data encryption key and administrator password.
Note
| ▪ | The devices and the firmware versions where the secure communication can be set are as follows.
- FaceStation 2 FW 1.1.0 or later
- BioStation A2 FW 1.5.0 or later
- BioStation 2 FW 1.6.0 or later
- BioStation L2 FW 1.3.0 or later
- BioLite N2 FW 1.0.0 or later
- BioEntry P2 FW 1.1.0 or later
- BioEntry W2 FW 1.2.0 or later
- FaceLite FW 1.0.0 or later
- XPass 2 FW 1.0.0 or later
- CoreStation FW 1.1.0 or later
- X-Station 2 FW 1.0.0 or later
- BioStation 3 FW 1.0.0 or later |
| ▪ | BioStar 2 creates or deletes a certificate according to the setting status of Secure communication with device, and the same certificate as the previous certificate will not be created. For example, if the setting of Secure communication with device is changed in the order of [Use - Not Use], the created certificate will be deleted automatically. When the setting is changed in the order of [Use - Not Use - Use], the operation of [Create A certificate - Delete A certificate - Create B certificate] is carried out. |
| ▪ | If the device is disconnected from the network physically while using the secure communication of BioStar 2, do not turn off the secure communication option. In such a case, the certificate of BioStar 2 will be deleted, and the device will not be able to connect again. To connect it again, the certificate saved in the device must be deleted or the device must be reset to factory default. For more details, refer to the manual of the device. |
|
|
Note
| ▪ | The Advanced Security Settings tab is only active when you log in as the initial administrator. |
|
|
|
Simultaneous Connection Allow
|
You can set whether to allow simultaneous connections using the same account. If you set Simultaneous Connection Allow to Inactive, a previously logged in user will be logged out when attempting to connect to the same account simultaneously.
|
|
|
|
|
Unified Gateway
|
You can change the execution port of BioStar 2 to the Unified Gateway.
Unified Gateway allows efficient processing of requests to the BioStar 2 server through the reverse proxy method, improves security vulnerabilities in iframes, and minimizes SSL certificate errors.
Note
| ▪ | When you activate Unified Gateway, the server restarts and automatically directed to the login page. |
| ▪ | If the port is in use, a pop-up message will appear. Enter a different port number and activate it again. |
|
|
| 3) | Click Apply to save the settings. |
