Settings > User Management > Password & Security
The Password & Security Page allows administrators to configure password policies, multi-factor authentication (MFA), Inbound IP Allow Lists, and User Inactivity Timeouts.
SSO/SAML configuration is on the SSO page.
Description: Forces all current users to reset their passwords at their next login.
Action:
REQUIRE PASSWORD RESET: Clicking this button initiates the password reset requirement for all users.
Behavior: Does not log users out of their current sessions.
Description: Enables administrators to configure custom password restrictions for all users.
Options:
CUSTOM: Toggle to allow custom password policies.
Global MFA
Description: Enforces Two-Factor Authentication for all users.
Status: REQUIRED when enabled.
Behavior: Once enabled, all users must use MFA to authenticate.
Description: Allows administrators to define a list of trusted IP addresses or CIDR ranges to restrict access to Fusion. This list applies to both access to the Fusion Portal AND access to the Fusion API.
Controls:
Dropdown: Input IP addresses or CIDRs.
Guidance: If left blank, no restrictions are applied.
Example:
1.1.1.1
2.2.2.2
3.3.3.3/16
Actions:
SAVE ALLOWED IPS: Saves the configured IP allow list.
IMPORT IPS: Imports IP addresses or CIDRs from a text file or CSV.
Description: Allows administrators to define how long a logged-in user can be idle before they are automatically logged out of the Fusion Portal.
Controls:
User Inactivity: Disabled, 10 minutes, 20 minutes, 30 minutes, 40 minutes, 50 minutes, 60 minutes.
Show Prompt to User: Show a prompt to the user one minute before they are logged out to give them an opportunity to remain logged in. This button is not displayed if the User Inactivity is set to Disabled.
Guidance: Disabled by default.
Last updated