Sigma provides the ability to control the complexity of passwords that should be used, as well as whether Two-Factor Authentication should be required in order to access the system.
This configuration can be managed within the "Security Settings" activity, which is accessible from the Welcome Page. Note, it does not show in the Activities dropdown.
If you do not see this Activity, it may need to be added to your Role - see below.
In this section:
Adding Security Settings Activity
Admin Users will have access to the Admin Users Activity
- Open the User Admin Activity
- Click on the Manage Roles tab
- Click on the Admin User Role
- Tick Password Complexity Setup
- Click Save
- Log out and then Log in to see the Security Settings Activity on the Welcome page
Default Password Complexity
The default rules for passwords can be seen in the Security Settings Activity, as per the table below.
- From the Welcome page, click on the Security Settings Activity
This shows the default settings and whenever passwords are created or reset, they will need to conform to these settings.
|Minimum Password Length (Must be at least 8)||The number of characters the password must contain as a minimum.|
Minimum Number Of Upper Case Characters (Must be at least 1)
|The number of “UPPER CASE” alphabetic characters must the password must contain as a minimum.|
Minimum Number Of Lower Case Characters (Must be at least 1)
|The number of “lower case” alphabetic characters the password must contain as a minimum.|
|Minimum Number Of Special Characters (Must be at least 1)|
The number of “special” characters the password must contain as a minimum.
Special characters are any character excluding alphabetic, numeric or spaces.
Minimum Number Of Numeric Characters (Must be at least 1)
|The number of numeric characters (0123456789) a password must contain as a minimum.|
Minimum Number Of Alpha Characters (Must be at least 0)
|The number of alphabetic (a-z) characters the password must contain as a minimum.|
Minimum Password Repeat Age (Months) (Must be at least 10)
|The minimum number of months that can go by before a previously used password can be re-used.|
|Two Factor Authentication||Choose of Opt In or Opt Out. See below for more details|
Changing the Password Complexity
From the Security Settings Activity:
- Change any of the settings to a HIGHER figure
Note: You can not set anything that falls below the minimum requirement (as described in the option).
For example the minimum length of the password is 8 characters.
- If you were to enter 7 or under, the following would show, and you will not be able to save it:
Once you have changed any of the settings:
- Click Save to save the changes
Sigma has two factor authentication available which is an extra layer of security used in addition to entering a username and password when logging into the system. It ensures that two pieces of evidence (factors) are entered in order to successfully authenticate and gain access. When this is enabled, each Sigma User will be required to provide an additional item of authentication (a verification code) on top of their username and password that will prove who they are. Once enabled, users will only be allowed to log in using Two-Factor Authentication from that point forwards.
Users must have access to an authentication application that uses RFC 6238. There are two methods this can be achieved, either by installing an application on a Smart phone (e.g. Google Authenticator, available on the applicable app store) or installing an extension to a desktop web browser (e.g. Authenticator).
The configuration is done in two stages. Firstly, Two Factor authentication needs to be enabled, and secondly, each User will need to be sent a "Secret Key" which will need to be entered into the authentication mechanism being used to allow a verification code to be generated.
Enabling Two Factor Authentication
Within the Security Settings Activity, Two-Factor Authentication can be enabled by selecting ‘Opt In’ from the corresponding drop down box.
- Change from Opt Out to Opt In
When this is enabled, a suitably authorised User (Administrator) must immediately send every user a unique secret key to be used when configuring the authenticator application which will generate the additional verification code as part of each logon going forwards.
This is done within the the User Admin Activity.
- Open the User Admin Activity
- Select the Manage Users tab
- Select the User you want to send a Secret Key to
- Click Reset Secret Key
Where Two Factor Authentication has been enabled for the first time, all Users will require a Secret key to be sent to each of them.
- Selecting this button will send an email to the User with details of the Secret Key to be entered into their authentication app
Setting up Two Factor Authentication
Once the Secret Key has been received by the User, the authenticator app can then be setup ready to generate a verification code.
Mobile App - Google Authenticator
The Google Authenticator mobile app is free to use and can be downloaded from the Play Store on Android phones or the App Store on iPhones.
When accessing the app for the first time it will guide you through the process of setting up an account on the app to authenticate with Sigma.
It is a very simple process and only requires the a "Name" for the account and the "Secret key" to be specified, then click Add.
The app will then be setup to provide a verification code as required each time the User logs onto Sigma going forwards.
Using Two-Factor Authentication
When Two-Factor Authentication is enabled, whenever a User logs into Sigma after correctly entering their username and password, a Verification screen will be displayed prompting the user for a Verification Code.
- Users will need to generate the Verification Code using the authenticator app that has been setup for each User.
- The app will show a six-digit number that is valid for at most 30 seconds.
- Once the code had been generated, enter it into the Verification Code field in Sigma
- Click Verify to access Sigma
Once the code has been entered and the Verify button selected, Sigma will complete the authentication and grant access to Sigma.