Security Settings
Here at MINTclass we take the security of your data very seriously but we also know that you need the ability to adjust theses settings to fit in with your school needs. There a three different security screens dependant on how your users access MINTclass.
All the security settings for MINTclass can be found in one place to make things simpler. You will need to be logged into MINTclass as an Admin user and click on Cortex at the top of the screen.
Username and Password directly into MINTclass
If your staff enter a username and password to log into MINTclass please follow the instructions below:
Click on the Security tab on the side bar. You will now see the security page where you can choose to use the defaults set by us or change any of these to suit the needs of your school.
Allow / Disallow option
The first section allows you to allow or disallow certain functions. For example:
Allowing email for 2FA
Allowing email as 2FA is against our recommendation but we understand that staff may not be allowed phones in school. Therefore, we advise that you whitelist your school IP(s) so staff don't need to 2FA when at school. When they are outside of school, such as when at home, then they can 2FA with their mobile.
Device Trusting
We have set the 2FA device trusting to allow so that users will not need to use the 2FA every time they log into a trusted machine. If you turn this setting off users will need the 2FA code every time they log into MINTclass.
Forgotten Passwords
Finally, you can now allow users to reset their own passwords. If you leave this set to allow then users will be able to reset passwords via email which should save you as an admin user a lot of time.
Timer Options
This section also has three options which allow you as a school to decide time lengths for accounts. For example:
Account Dormancy allows you to decide how many days since the last time a user logged in before the account is disabled and an activation email will need to be sent to the user to allow them to log in again. We have set the default to 180days but you can choose 30, 60, 90 or 365 days instead.
Login Session Time
You can now choose how long a user can be logged into MINTclass before they are automatically logged out. The default here is Browser Session which means that it's down to the user's browser. It will either log you out when you close the browser or some can keep you logged even after you close. You can alternatively choose 1 hour, 6 hours, 12 hours or 24 hours.
Activation Timer
When a new user or a user who has been reactivated logs in you will need to send them an activation email (from the staff admin screen). You can decide how long the link in this email remains active for. We have set the default to 7 days but you may wish to choose 1, 2, 14 or 30 days.
Password Strength
As previously stated we take security here at MINTclass very seriously not only to protect users but students as well. We have now added a password security setting for which the default is Level 3. If your users are struggling to create a password that matches the Level 3 criteria, you can lessen the strength to Level 2. If you need to lessen it further, you can do so to Level 1 although we do not advise this due to very low password strength. For more information on password security please click here.
Miscellaneous
This section of the security tab contains setting such as your school email suffix and IP whitelisting.
School email suffix
If you want to make sure that users only use school email addresses to log into and reset passwords for MINTclass than add you your school email suffix here - for example, @myschool.org.
Non-2FA secure IPs
If you don't want users to have to use 2FA in school you can add your schools external IP address or range of IP addresses here.
If your school uses AD (Active Directory) to access MINTclass:
Click on the Security tab on the side bar. You will now see the security page where you can choose to use the defaults set by us or change any of these to suit the needs of your school.
Allow / Disallow option
The first section allows you to allow or disallow certain functions. For example:
Allowing email for 2FA
Allowing email as 2FA is against our recommendation but we understand that staff may not be allowed phones in school. Therefore, we advise that you whitelist your school IP(s) so staff don't need to 2FA when at school. When they are outside of school, such as when at home, then they can 2FA with their mobile.
Device Trusting
We have set the 2FA device trusting to allow so that users will not need to use the 2FA everytime they log into a trusted machine. If you turn this setting off users will need the 2FA code everytime they log into MINTclass.
Timer Options
This section also has three options which allow you as a school to decide time lengths for accounts. For example:
Account Dormancy allows you to decide how many days since the last time a user logged in before the account is disabled and an activation email will need to be sent to the user to allow them to log in again. We have set the default to 180days but you can choose 30, 60, 90 or 365 days instead.
Login Session Time
You can now choose how long a user can be logged into MINTclass before they are automatically logged out. The default here is Browser Session which means that it's down to the user's browser. It will either log you out when you close the browser or some can keep you logged even after you close. You can alternatively choose 1 hour, 6 hours, 12 hours or 24 hours.
Activation Timer
When a new user or a user who has been reactivated logs in you will need to send them an activation email (from the staff admin screen). You can decide how long the link in this email remains active for. We have set the default to 7 days but you may wish to choose 1, 2, 14 or 30 days.
Non-2FA secure IPs
If you don't want users to have to use 2FA in school you can add your schools external IP address or range of IP addresses here.
Frog Logins will not be affected by this update