Skip to end of banner
Go to start of banner

Administrator's Guide - 1.0

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

General Settings

General settings are available through the Add-ons administration interface under the General Settings link. Once you have completed making your selections, click Save to save them or Cancel to discard them.

On This Page

Configuration SettingDescriptionDefault Value
Application users Can Require 2FAApplication users familiar with 2FA may want the strongest possible settings in place for their own account. If enabled, this configuration provides you with the option to allow application users to control how 2FA behaves for their own user account. Users can elect to have 2FA always enforced, regardless of rules in place to control certain content areas of the application.Yes (enabled)

Users can disable their own 2FA

This setting controls whether or not you will allow your application end users to disable 2FA configuration once they're set up.Yes (allow)
Allow use of recovery codeIf a user doesn't have their 2FA application or token, they can access their accounts using a recovery code. Recovery codes are only issued once to a user when they first set up 2FA and users are encouraged to store them in a safe location. Six separate recovery codes are issued to the user, of which, only one is required to be keyed into the application order to recover their 2FA credentials.Yes (enabled)

2FA Timeout Value

Configure the length of time that a application users 2FA session token is valid after which the system logs out inactive users. Valid timeout values range between 15 minutes and 48 hours. Choose a shorter timeout period if you want to enforce stricter security.1 hr

Restrict Git repository activities

While the rules don't apply to specific Git activities (e.g.,'git pull', 'git push', 'git fetch', etc) you can enforce that all user sessions from external client applications (e.g., SourceTree, eclipse, etc) have a active 2FA session established - directing the user to establish this by logging into the application.NO
(do not restrict)

Send activity emails to users

When a user enables or disables 2FA on their own account, the system can send them an email notifying them of the action.Yes (enabled)

Send usage data

As part of building awesome add-ons we sometimes need to gather basic usage data to continually improve. No Personally Identifiable Information (PII) is included in the analytics information sent. We do include the Support Entitlement Number (SEN) to help improve our customer support experience. For more details on what is being sent, please refer to this page.



  • No labels