Security Settings

  • Published on Jul 3, 2025
Prev Next

Preliminary Remarks

The security settings in the user administration are used for the security of the Merchant Backend accounts and are set for all users of the Merchant Backend. The following security settings can be made:

  • Two-factor authentication

  • Automatic deactivation of inactive users

  • Reset password

  • Password rules

Security Settings

Two-factor authentication

If the checkmark is set, every Merchant Backend user is forced to set up two-factor authentication.  

Automatic deactivation of inactive users

If the check mark is set, inactive users of the Merchant Backend are automatically deactivated after the defined period has expired.

  • after x days determines after how many days inactive users should be deactivated. A value between 1 and 365 can be entered here. 

  • Session timeout of users defines the time in hours after which an inactive user is automatically logged out of the Merchant Backend.
    If no entry is made here, a time of 12 hours is automatically set.

Note: Only accounts with the "User" role are automatically deactivated. User accounts with the "Administrator" role are not automatically deactivated.  

Reset password

  • Email recipient*: The e-mail addresses of those responsible can be entered here if a Merchant Backend user wishes to reset their password.

  • Reset password*: The drop-down menu can be used to determine whether the password can be reset by users or only by the administrator .
    If only the administrator can reset the password, the administrator receives an e-mail that a user wants to reset the password. The administrator logs into the Merchant Backend and can reset the password for the user at User Administration> Users.
    If the users can reset their password themselves, they will receive an e-mail containing the token for resetting the password. 

Note: Users can only receive an e-mail if an e-mail address has been stored in their user account. If the user has not entered an e-mail address, the administrator receives an e-mail informing them that a user wishes to reset their password. 

Password rules

  • Minimum length of password (mandatory field): Setting for the minimum length of the password.

  • Checkboxes: determine which components the password must contain.

    • Capital letters

    • Lower case

    • Digits

    • Special characters

Related articles