The Security Settings tab allows configuration in preventing automated attacks and password‐guessing attempts by locking out people who repeatedly provide incorrect login details. You can specify the number of times that users may attempt to log in, and the length of time for which users who exceed this number of login attempts are locked out.
When a user is locked out, login attempts from the user’s IP address are not allowed. The amount of time that the user must wait before trying again displays.
You can also set a time delay for the login screen. When you do this, a user who has provided incorrect login details must wait the specified number of seconds before being able to attempt to log in again.
To manage Interspire Email Marketer’s login security settings:
- Click Settings in the toolbar, then click the Security settings tab.
If you want to interrupt current session after some time of inactivity, enter the time (in minutes) in the Session Timeout in minute(s) field. Entering 0 means no timeout.
If you want to activate an authentication feature, select Enable Two-factor Authentication to require users to provide OTP (One Time Password) every time they login to their accounts.
In the OTP Threshold select the number of times the user is allowed to have failed attempts. If the limits exceeded, the allowable threshold will be banned.
In the OTP Resend Threshold field, select the number of times the user is allowed to receive OTP resends. If the limits exceeded, the allowable threshold will be banned.
If you want to set a time delay for login attempts, select Enable login failure wait and select the delay time (in seconds) from the list that displays.
If you want to prevent users who repeatedly provide incorrect login information from attempting to log in again after a specified time, select Enable login failure IP ban.
In the Threshold field, select the number of failed login attempts permitted (from the same IP address) in the first list, and the time period in which these failed attempts must occur in the second list.
In the Ban IP field, select the length of time for which the IP address is banned from
attempting to log in.
- If you want to automatically delete subscribers that did not confirm their subscription within the number of days you specified, select Auto-delete Unconfirmed Subscribers.
In the Delete Unconfirmed Subscribers field, enter the number of days after the subscribtion request that these subscribers will be automatically deleted.
Note: Make sure you have set your contacts to Confirmed before turning this option on.
If you want to automatically delete bounced contacts, select Auto-delete Bounced Addresses.
In the Delete Bounced Addresses field, enter the number of days after bounce that these contacts will be automatically deleted.
Click Save when you have finished. Alternatively, click Cancel to return to the Home screen without saving your changes.