You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > Info Hub > Member Access to the Info Hub > Set up User Info Hub Login Settings
Set up User Info Hub Login Settings
print icon

The Login Settings allow you to define default access levels, user validation methods, and password configuration for access to the Info Hub.

  1. In the Navigation panel, select Setup.
  2. Click End User Setup in the Staff and Users Setup section
  3. Click the Login Settings tab.
    screenshot

Configure the following settings:

  • Allow Contacts to create their own accounts - Selecting this option enables the Create Account button on the Info Hub login screen. The Account Validation Options discussed below are used for authentication of the new user. By default, when this setting is enabled, a contact must enter their email address to authenticate to the database that they have rights to sign up for the Info Hub. If their email address is present, they will be able to create log-in credentials.

NOTE: If you have enabled password conventions, along with allowing individuals to create their own accounts, the password conventions will be enforced when a member attempts to create the account on the Info Hub log-in screen.

  • Default User Name as email - If NOT selected, usernames are created with a firstname.lastname format. If multiple members have the same name, the system will append the subsequent account names with a number: firstname.lastname1, firstname.lastname2, and so on.
  • Default Access Level - Select the access level that you wish to, by default, provide to new contacts. All access levels you have configured for users of the Info Hub will be displayed for selection. 
  • Account Validation Options - These settings allow you to define how a user can activate their access to the Info Hub. NOTE: These settings are only displayed if Allow Contacts to create their own accounts is enabled. See above. NOTE: The system will always use Last Name and Email for validation.
    • Require Membership Number or Invoice Number For Account Activation - If this setting is selected, your system will validate whether a user can create a log-in to the Info Hub by verifying whether there is an existing membership number OR invoice in the system. When enabled, only a contact with an invoice number or membership number can create an account. This is most often used in cases where you do not want any non-member contacts creating hub accounts. An additional field is displayed on the Create Account screen, Membership/Invoice#. This field must be filled in and validated against the database to allow the use to create log-in credentials. NOTE: The system is looking for an active membership or invoice number. To make it easier for members to validate, the system is not validating on exact the BILL TO name on the invoice. This avoids problems where someone else at the organization pays the bills but all employees need to create hub accounts.
       

  • Enhanced Account Security Options
  • Enable Password Reset Challenge - If selected, when a member creates their password they will be prompted to answer a security questions. This will then be an option in assisting them with resetting their password. While helpful for preventing access to bad actors if a password is compromised, this option alone is not foolproof, particularly if the user has had their identity exposed. The security question options users will have to choose from are:
    • What was the name of your favorite pet?
    • What was the name of your elementary school?
    • What was the name of your childhood best friend?

NOTE: For members who have already created their password, the next time they log into the system they will be presented with the message: Please complete your password challenge question. The question will also be presented when a user wishes to reset their password.

  • Required Password Length - if you wish to set a specific minimum password length, enter the minimum required. Setting to zero indicates no specific length is required.
    RECOMMENDATION: 
    If you are enabling NO OTHER PASSWORD COMPLEXITY REQUIREMENTS, setting this to at least 18 characters will provide the minimal amount of protection against brute force attacks.
  • Required Numerical Characters - if you want password with a specific minimum number of numerical characters, enter the minimum number required. Setting to zero indicates that no minimum is required. RECOMMENDATION: Passwords SHOULD contain numbers to increase complexity and reduce the chances of a successful brute force attack.

  • Required Special Characters - if you want password with a minimum number of special characters, enter the minimum number required. Setting to zero indicates that no minimum is required. RECOMMENDATION: Adding special characters or symbols to password requirements contributes greatly to resistance against brute force attacks.

For more information on brute force attacks and how password complexity protects against them, see this article on Wikipedia.

IT IS HIGHLY RECOMMENDED THAT YOU IMPLEMENT PASSWORD COMPLEXITY REQUIREMENTS TO PROTECT YOU AND YOUR MEMBERS.

Data Privacy
  • Auto-populate only with full authentication: When enabled, the event registration form will no longer provide the convenience of automatically filling in the address, email, and phone for those that register for an event by specifying their email address. The registrant must fully log in for their contact information to automatically fill in for them. This will keep nosy or malicious website visitors from gaining additional contact info by simply knowing and entering the email address of a contact. This setting also protects the membership application in a similar way, keeping the form from auto-populating any contact info if it finds a match on name and email address. Associations who do not publish member directories and wish to keep contact info private may choose to enable this setting for an extra measure of protection.
 
Advanced Options
Enabling the Advanced Options checkbox displays additional settings in the Access Levels section.
screenshot
Enabling the Advanced Options checkbox displays additional settings options
  • Default Primary Contact Access Level: This option allows you to define the access level provided by default to Primary contacts in your database. Select the desired access level from the list.
  • Enable Access Levels by Membership Types for Info Hub Accounts: If you wish the flexibility to offer different benefits to the Info Hub hub based on different membership types, select this setting. When selected a list of all the membership types you have configured in your database will be display. You may select the access level you wish provided for each membership type. A common use for this setting is to allow members to create their own accounts, but prevent non-members from accessing anything in the Info Hub. In this example, the Default Access Level would be set to a "User - None" type of access, and the membership types could all be assigned a "User - Standard" or higher access level. NOTE: The membership type default access level will be automatically applied for new memberships. If the membership is upgraded or downgraded, you will need to manually adjust the access level which can be done easily when adjusting a membership. Additionally, you have the flexibility to manually change an access level for any contact at any time; they are not bound to the level set by their membership type at account creation.
     
 
 

Additional Considerations

  1. If you have made changes, click the Save button.
Feedback
0 out of 1 found this helpful

scroll to top icon