My1Login Profile Settings Guide

My1Login Profile Settings Guide

Settings

The Settings tab is where you can set options across the account for all users, specific groups, and administrators.

Account Settings Profile

Multiple profiles can be made to apply different settings to users via workgroup memberships.

If a user is a member of multiple workgroups then the positive effect of the setting is active for the user. For example, if a user is part of a workgroup profile that turns off the “Show ‘Add New’ Button in Vault” but also part of a profile that turns on this setting, then the user will see the button in the vault.

User Vault Settings 

The User Vault is where a user can see all of the applications they have stored identities for.

These settings control the functionality and UI aspects of a user’s vault page.



Show 'Add New' Button in Vault

On the user’s vault there are two ways in which to manually add a bookmark to the vault: by clicking on the “Add New” Icon or by clicking on the + icon on the grey bar.

On: Users will be able to manually add bookmarks to their vault using either the “Add New” or the “+” icon on the grey bar.

Off: Users will be unable to manually add bookmarks to their vault.

The default is for this feature is on.

The plugin link appears at the top of the My1Login web application page, labelled as “Install Plugin”. This allows users to locally install the My1Login plugin where it has not been deployed centrally. 

This option controls the visibility of this link.

The default is for this feature is off.

Show Bookmark Type Icon

Two types of bookmarks are stored in a My1Login vault, web applications and desktop applications.  These bookmark types may be identified by an icon on the top right of the bookmark tile.

This option controls the visibility of these icons. 

The default is for this feature is on.

Users' Bulk Bookmark Import

On the grey bar in the user’s vault there is a “bulk import” link which allows users to import many credentials at any one time.

This option controls the visibility of this link.

The default is for this feature is on.

Plugin Settings

These settings control functional and visual aspects of the My1Login browser plugins.

Store Login Credentials by Default

This setting determines if when a user logs into a new web application, what happens to the credentials if the user does not respond in time to a prompt that appears asking if they wish to store those credentials on My1Login.

On: If the browser plugin prompt is ignored or times out, the credentials are automatically stored in the user's vault.

Off: If the browser plugin prompt is ignored or times out, the credentials are not stored.

The default is for this feature is on.
This setting does not apply to applications where the URLs are stored on either the inclusion or exclusion list.

Open Vault on Start-up

When an on-premise AD user opens their browser, with the browser extension installed and the account short code added to the browser’s start-up URL, they are automatically authenticated into their My1Login account. This option determines if the user is also automatically presented with their My1Login vault page on browser start-up.   

The default is for this feature is on.

Open Vault in Foreground

This option controls whether if the Open Vault on Start-up setting is enabled, the vault page is shown in a foreground tab (directly visible to the user) or a secondary tab.

The default is for this feature is on.

Enable Any Web App

This setting determines if the account is driven by the Inclusion List (thereby strictly limiting which web applications are stored for a user) or if any web application (except those on the Exclusion List) will be stored in the vault.

The default is for this feature is on.

Show Padlock Icons

If the browser extension detects a username or password field on a web site then a My1login-branding padlock icon is shown in that field.

This option controls the visibility of these icons. 

The default is for this feature is on.

Require Extension to Access Vault

When a user accesses the vault and does not have the extension installed on their browser, a screen will appear requesting them to install the extension.

This option controls whether the user is shown this screen or if they are simply taken straight to their vault page.

The default is for this feature is on.

Allow User to Skip Extension Install

If the “Require Extension to Access Vault” setting is on, then this option controls if the user is shown a link that allows them to bypass the plugin install screen.

The default is for this feature is on.

Match Target Site by Full Domain

Some third-party web sites, and especially intranet sites, partition their applications using sub-domains off a primary domain.  In such cases it is necessary to match a bookmark by the full URL of an application rather than just the primary domain.

Disabling this option is only useful if a site routinely uses sub-domains for purposes such as load balancing (where the user may be directed to the same application but with different sub-domains).  In this case disabling this option prevents the creation of multiple bookmarks for the same site.

The default is for this feature is on.

SSO Password Vaulting

Upon reaching a third party web site and there are credentials stored in the user’s vault, the plugin will submit these credentials if there is one, or give the user the option on which credentials to use if there are multiple credentials that match the domain.

Disabling this option disables the ability to do this through the extension.

The default is for this feature is on.

App Discovery

The extension runs in ‘discovery mode’ where it will add URLs to the Notifications list whenever a user logs into a third-party site.

Disabling this option makes it so URLs are not added to the Notifications list.

The default is for this feature is on.

App Discovery

Allows users to use the password change tool without a password policy created for the application.

Disabling this option stops the password generator appearing for users. 

The default is for this feature is off.

Security Settings

The settings in this area control security related aspects of the account.

Allow Login via AD

This option allows AD-synchronised users to log into My1login off-site by manually entering their AD credentials.

The default is for this feature is off.

Allow Login only on authorised IP Addresses?

This option is only available if the previous option is enabled, you can filter the login process via IP address and only allow logging in from certain IP address when using AD credentials.

The default is for this feature is off.

Share Credentials

This option allows users to share credentials from their vault.

By default, this option is set to off.

If you have the AD Self Service Password Reset module then this option controls if a link to allow users to reset their AD password appears on the login page tied to your account’s My1Login sub-domain.

The default is for this feature is off.

Second Factor on On-Premise AD Login

This setting determines if any configured second factors apply to users that are logged in automatically via Active Directory.

The default is for this feature is off.

All Users self-service MFA

This option gives the users the ability to self-activate MFA through their profile page. This option should not be enabled you wish for MFA to be mandatory.

The default is for this feature is off.

Transfer Credentials

This option enables user to have the ability to transfer a set of credentials from their own vault to another user. This transfers ownership of the identity to the recipient. 

The default is for this feature is off.

Persist Session on IP Change

This option is for when a user’s IP address changes and the user wants to continue using My1Login without having to log in again.

If this option is disabled, and if the user’s IP changes while they are logged in, the system will log them out.

The default is for this feature is off.

Super Admin Settings

These settings only appear if you are logged in as the owner of the account.

Admins Can Take Ownership

On the administration screen within the Apps > Credentials tab, administrators can take control of credentials that users have stored on My1Login.

This option controls if administrators can use this function. 

The default is for this feature is on.

Note: To have this option disabled/enabled you will need to contact My1Login.

Add Local Users

This option controls the ability for administrators to be able to add web users to the My1Login account.

The default is for this feature is on.

Allow Log Clearing

This option controls the ability for administrators to be able to clear logs of the activity history on the reports tab.

The default is for this feature is off.

Enable Syslog via ADC

This option enables/disables the Active Directory Connector to report to the Syslog.

It is advisable to maintain this setting as off unless Syslog is configured on an ADC. Syslog logging of audit entries can generate significant traffic, so please be careful with this setting.

 The default is for this feature is off.



    • Related Articles

    • Resetting your My1Login Admin User Password

      Before resetting your Admin password, make sure that the ADC is running or that there is another Admin that can access the My1Login Admin portal. Once you have confirmed that either: Your company's My1Login Active Directory Connector is running or ...
    • Service Desk Admin Guide

      Service Desk Admin Role The Service Desk Admin Role is a way to promote users to manage other users of the account without opening up the whole admin panel to non-admin users. Comparison to an Admin on the Same Account The List of options available ...
    • Changing your My1Login User Passphrase

      Web Admins & Web Users Changing Passphrase: Web users can change their passphrase whilst logged in to My1Login. Select their username in the top right corner and then select Profile. For forgotten passphrases please see: Admins: Resetting your ...
    • Logging in to your My1Login Account

      Active Directory Integrated Login When your account is tied to an Active Directory user instance, use your Active Directory credentials. If you are on an network joined machine, and are already logged into your corporate environment, you will be ...
    • Sharing Credentials with Users or Groups

      Application credentials can be shared with other users or groups in your organisation. The ability to share identities is controlled within the admin settings. This guide will take you through the steps required to do this. Permission to Share ...