System Options: Security Settings
Navigation | Security Groups Defaults | Edit Security Group | Full User and Client Rights | Global Options | Resources
Navigation
Menu > Admin/Manager > System Setup > Account Information > Security Settings
Security "Group" Settings allow users to grant or restrict access to different areas of Workamajig. Once the setup of security groups is completed, you can then edit each Employee record and assign them to a security group based on what they will need to do in Workamajig.
Security Group Defaults
The system contains default security groups that have typical areas of access based on typical roles performed by users accessing Workamajig:
Account Managers
Accounting
Administrator & IT
Clients
Creative & Production
Vendors & Freelancers
We recommend that you use the default security group settings during your initial setup/implementation phase. As you become more adept with the system, you can easily setup more Security Groups to fit your needs.
To add additional security groups, or edit existing ones, please refer to the the Add a Security Group guide.
Edit Security Group
Click the pencil edit icon next to the name of the selected security group.
Group Name - Here you can change the name of the group. Which is visible to administration setup and employee setup.
Security Level - This is used to prevent users who can edit employee records, to not assign a Security Group to themselves or other with a group level that is higher than themselves.
This group can change the background image - This allows the users to set their own background image for the menu.
Default Page - You can set a default page for the group. But know that each user can override this in their user settings.
Data Sets - This controls what Custom Report Data Sets users of this group can use to start a new report with on their own. It does not restrict them from accessing reports made by others with different data sets.
Full User and Client Rights
For the full list of rights and definitions, please review the Security Group Rights guide.
NOTE: While you can see while users are in the selected groups, you cannot change which group the users are a part of in this screen. You will need to go into their employee record to change that.
Global Options
Password Settings
Passwords Require Numbers - Option to require that the user has to enter a number as part of the password.
Passwords Require Letters - Option to require that the user has to enter letters as part of their password.
Passwords Require Special Characters - Option to require that the user has to enter a special character (!@#$) as part of their password.
Passwords Require Capital Letters - Option to require that the user has to enter capitol letters as part of their password.
Passwords Require Lower Case Letters - Option to require that the user has to enter lower case letters as part of their password.
Passwords May Not Be Similar To User ID - Restricts passwords from being the same as the username.
Users Must Change Password On First Login - This works one-time only per user record. NOTE: To apply a force password change after the initial login, you can use the Force Password Change option in the users employee record.
Password Minimum Length - Enter the minimum number of characters long that a password has to be.
# of Passwords to Remember - Enter the number of passwords you would like the system to remember when validating a users new password. If this option is set to 5, then when a user changes their password, it can not be any of the past 5 passwords they have used. This keeps people from switching between two common passwords. If you enter 0, then it will not remember any passwords.
# of Incorrect Logins before Lockout - You can specify how many attempts to enter the correct password a person has before they are locked out of the system. An administrator has to unlock a person before they can log in again. If you enter a 0, then users will be allowed an unlimited number of login attempts.
# of Days between password changes - You can specify how often a person must change their password. If you want them to use a new password each week, then enter 7. if you enter a 0, the system will not require any password changes.
Logout after # of inactive minutes (0 unlimited) - Lets you specify the number of minutes any user is inactive within the application and then logout their current session. For example, if you enter 20, then once a user has clicked on no actions in Workamajig, they will be logged out. NOTE: If the user has a record open and populated, but not saved, the data of that unsaved record will be lost upon the auto-logout.
Other options
Force all users to use Platinum - When checked, ALL users attempting to login using the Classic/Flash Interface will be taken to the Platinum Interface.
Allow users to request a password reset email - If selected, users can click a "Forgot Password" link and request an email that will contain a link to allow a password reset. Be sure the user is using your servers URL to start.
Restrict Custom Report Project Data to assigned users - If selected, data in custom reports will be restricted to only projects that the user is assigned to.
Show GL Company Access Restrictions Setup - If this checkbox is checked, you will be able to setup access to GL Companies on the company and contact screens and control GL company restrictions.
Enable GL Company Restrictions
- Appears when "Show GL Company Access Restrictions Setup" is checked.
- For more on this feature, refer to the GL Company Security Setup guide.