6.21.0 Device security enhancements

6.21.0 Device security enhancements

What's new?

We've enhanced account security by introducing user account lockout features. After ten failed login attempts, accounts will be locked, requiring password reset or admin assistance. Additionally, we've updated session timeouts and device expiration settings to protect against unauthorized access. Administrators can now configure session expiration intervals and terminate multiple active sessions for a user.

Account lockout

Lockout - failed email/password 

When attempting to log in with email/password, the number of times out of ten a failed password has been attempted is tracked and displayed on the login screen.

Once ten failed attempts are maxed out, you will see an error message stating your account has been locked. You must contact a system administrator, or reset the password, and the option to enter your email address and password will be grayed out. 

Rolling expiration window and device expiration interval

Device Expiration Interval (1 - 30 Days)

Within the Configuration screen, system administrators must configure a rolling expiration interval for inactive users to enhance device security. By default, this interval is set to 30 days, but administrators can customize it as needed within the 1-30 day range. Aspire automatically extends the user’s session with each login. If a user has not signed in within the configured number of days, the device is considered expired, and the user will be required to sign in again with their email and password.

For more information, see the following articles:

• Configuration screen
• General Aspire Access