Skip to main content
Top

Security settings

The security settings under Settings > Administration > Security settings allow you to ensure your site and all data are well protected and safe. 

When it comes to site accesss, we highly recommend enabling 2-step verification for logging into your site. If needed, you can also restrict access to your Scoro site to specific IP addresses only. 

This article will walk you through all security settings you can set up for your site. 

Jump to...

  1. Use 2-step verification
  2. Valid user account password
  3. Session expiration setting
  4. Enable Microsoft or Google sign-in
  5. IP restriction
  6. Enabling regular login for specific users
  7. Site backups and exporting site data

security-settings.png

1. Use 2-step verification

To keep your data safe, we recommend setting up two-factor authentication by enabling the 2-step verification toggle in the security settings to keep your data safe, even if your password somehow mistakenly ends up in the wrong hands. Just switch on the setting Use 2-step verification.

If 2-step verification is active on your site, each user has to verify their account via mobile phone. When logging in, the user enters their username and password, Scoro sends a text with a unique string of numbers to their mobile phone, and they type in the code. In addition, each user can add multiple devices to their trusted devices list, so Scoro knows it’s them logging in — that way, the user doesn't have to sign in via 2-step verification each time. Read how to set up 2-step verification.

2. Valid user account password

To keep your site and user accounts safe, it's recommended to set up an expiry period for user passwords. Just pick the time period from the User password is valid dropdown list. When the validation period is over, the user is asked to change their account password.

3. Session expiration setting

Enable session expiration settings for users, so each user can decide the maximum time period for how long they're logged in to their site when inactive. Each user can set up their session duration under Settings > My settings > My security settings. 
Session_duration.png

4. Enable Microsoft or Google sign-in 

If your team is using Google or Microsoft accounts, you can enable one or other sign-in option for your Scoro site. 

For example, if your team is using Microsoft, and you have enabled this sign-in option, users who have already created their Scoro user accounts can now use the Sign in with Microsoft option to log in even quicker. This makes the login process more convenient, as you won't need separate credentials. 

5. IP restriction

If needed, you can use IP restriction and specify (whitelist) one or more IP addresses from which the users are able to access your site.

6. Enabling regular login for specific users

If your site has Single sign-on (SSO) enabled, but there are users who aren’t able to use SSO, you can enable the regular username and password login method for them.

For more information on how to set this up, go to our article about Single sign-on (SSO).

7. Site backups and exporting site data

Scoro makes backups of your site every evening and keeps the backups for 75 days. This way, your data is kept safe, and any lost data in that timeframe can be restored.

Besides the automatic data backups, you can export the data in a CSV or XLS file format whenever needed. Learn more about exporting data.

Was this article helpful?
0 out of 0 found this helpful

We use your article feedback to improve our help content—thank you!

Have more questions? Submit a request
Return to top
Powered by Zendesk