Start FileCloud FREE Trial
Log in

Security Checklist: 1 User Authentication

Ensure that only users with the right credentials can access data by employing default authentication or active directory services such as AD and LDAP. In addition, consider setting up 2FA, requiring strong passwords and adopting other practices like automatic session timeouts and reCaptcha verification.

Use Active Directory (AD) or LDAP Authentication

If you store your users in AD, import them from AD into FileCloud and set up AD authentication. If you are using LDAP to connect to your AD server or a third-party authentication system, you may set up LDAP authentication or AD authentication. 

By default, LDAP communications between client and server applications are not encrypted, so we recommend that you enable LDAP over Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
You can also enable AD over SSL. 

For help setting up these integrations, see:
Active Directory Authentication
LDAP Based Authentication

Set up two-factor Authentication (2FA)

Once you choose your authentication type, determine whether to require 2FA on both browser and mobile logins. Note that use of 2FA is recommended for all external users.
See Two Factor Authentication.

Another way to set up multiple authorization on mobile devices is to require users to enter a pin code to access any FileCloud app.
See Setting Client Application Policies.
To show users how to configure a pin code on their iOS or Android device, see:
Configure iOS Security
Setting a Lock on Your Android App 

Strong Password Management

FileCloud recommends that your users choose strong passwords that require different types of characters, have minimum lengths, and avoid commonly-used passwords. FileCloud provides these settings and several additional ones so you can create a strong password policy.
See Password Settings

Other Authentication Options

Other authentication options may be beneficial in your setup or may be required if you follow software compliance standards.
See:
Desktop Apps Code-Based Authentication
"Who can create and approve accounts" in New Account Creation
User Session Expiration
reCaptcha Settings