Skip to main content

System Settings

Change the Application Logo in the Login Page

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Login select Login logo.
  5. Under Image URL, paste the login logo image link.
  6. Click Save.

Preview the Application Logo from the Login Page

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Login select Login logo.
  5. Under Preview, view the login logo image.

Minimum Size and Format for the Login Page Logo Picture

Minimum file size should be 280px X 600px (height X weight) in a web-supported format. Images as vector files such as .epsand.svg are preferred.

Set Pre-Defined Login IDs for New User Account Registration

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Login select Login ID RegEx.
  5. Under Regular Expression, enter a pre-defined login ID for new user accounts.
  6. Under Regex Testing, enter an optional test login ID.
  7. Click Save.
info

Login ID Regular Expression controls which IDs are valid upon registration. If a login ID does not match the regular expression, user will not be able to register. When left empty, login IDs containing, letters, numbers, and symbols will be allowed.

tip
  • You should restrict login ID regular expressions to your institution domain. Example: for users with @ticrypt.com domain enter the expression ^[^@]+@ticrypt.com$.
  • You may also revoke certain characters while keeping the standard expression for your institution domain. Example: [a-ZA-Z0-9!_~\.]+(@ticrypt\.com|@nowhere\.com).

Display a Global Login Message

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Login select Login Message.
  5. Tick Show a login message.
  6. Enter the message icon, severity and expiration date.
  7. Under Message, enter the login message.
  8. Click Save.
info

The login message is always global to all users in the system.

Edit the Expiration Date in a Login Message

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Login select Login Message.
  5. Under Expiration, select a new expiration date.
  6. Click Save.

Preview Your Login Message

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Login select Login Message.
  5. Tick Show a login message.
  6. Under Preview, view the login message.
  7. Click Save.

Specify a Front-End URL for Automatic tiCrypt Last Version Updates

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select Update URL.
  5. In the Update URL field, enter the URL for automatic last version updates.
  6. Click Save.
info

The Update URL allows tiCrypt Connect to check for updates in the front-end.

tip

Point the URL to a JSON file containing the latest version number and download URL for the latest front-end version.

Specify External Servers URLs for SFTP Inbox Endpoint Encryption

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select External Servers.
  5. Under SFTP Inbox Endpoint Servers, enter the domain or IPv4 address to configure tiCrypt CORS.
  6. Click Add.
  7. Click Save.
note

This operation is necessary for the front-end to communicate with first-party external servers for SFTP inboxes. The servers must understand SFTP and be able to encrypt/forward data to tiCrypt inboxes.

Specify Survey Deployment Server Domains or IPv4 Addresses for Submitting Encrypted Surveys

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select External Servers.
  5. Under Survey Deployment Servers, enter the domain or IPv4 address to point tiCrypt CORS configuration.
  6. Click Add.
  7. Click Save.
note

This operation is necessary for the front-end to communicate with first-party external servers for public surverys. The servers must host a web interface for filling out and submitting E2E-ecrypted surveys.

Remove Server Domains or IPv4 Addresses for Encrypted SFTP Inbox Endpoints and Public Surveys

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select External Servers.
  5. Under SFTP Inbox Endpoint Servers and Survey Deployment Servers, view the server domains and IPv4 addresses to remove.
  6. Click Delete.
  7. Click Save.

Specify URLs Allowed Through tiCrypt's XSS Protection

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select XSS Headers.
  5. Under XSS allowed links, enter the domain or IPv4 address to allow through tiCrypt XSS protection.
  6. Click Add.
  7. Click Save.

Specify Image Sources Allowed Through tiCrypt's XSS Protection

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select XSS Headers.
  5. Under XSS allowed image sources, enter the domain or IPv4 address to allow through tiCrypt XSS protection.
  6. Click Add.
  7. Click Save.

Remove Server Domains or IPv4 Addresses from tiCrypt's XSS Protection Whitelist

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Servers select External Servers.
  5. Under XSS allowed links and XSS allowed image sources, view the server domains and IPv4 addresses to remove.
  6. Click Delete.
  7. Click Save.

Edit the User Inactivity Period Before Their Private Key is Cleared from Memory

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Timeouts select Private Key Timeout.
  5. Under Minutes, enter the number of minutes before the user's private key is cleared from memory.
  6. Click Save.

Edit the User Inactivity Period Before Their Front-End Terminates the Session

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Timeouts select Session Timeout.
  5. Under Minutes, enter the number of minutes before the front-end terminates the user session.
  6. Click Save.

Add User Helpdesk Resources in the Top-Right Menu

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Users select User Helpdesk.
  5. On the left column, under Label, enter the display text for the helpdesk resource.
  6. On the right collumn, under Link, enter the URL or phone number of the helpdesk resource.
  7. Once done, click Save.
note

The user helpdesk will display front-end data in the Open User Menu in the top left corner.

Edit the Global Password Strength Requirements for New Users

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Users select Password Strength.
  5. Set the password strength to Anything, Weak, Decent, Strong, or Very Strong as necessary.
  6. Once done, click Save.
info

Password strength requirements apply only to new users. Current users must update their passwords.

Set Inbox URLs for Non-User Uploads into the Vault

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Users select Inbox Settings.
  5. Under Inbox URL, enter the inbox URL address to allow non-users to connect to tiCrypt inboxes.
  6. Click Save.
info

Use qualified URLs where the web interface for uploading to an inbox is actively hosted.

Set Maximum Allowed Inbox Token Duration for Non-User Uploads into the Vault

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Users select Inbox Settings.
  5. Under Days, enter the maximum number of days allowed for tiCrypt inboxes.
  6. Click Save.

Enable Admin Session Downgrades for a Limited Time

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Users select Admin Session Downgrade.
  5. Set admin session downgrade to enable.
  6. Click Save.
info

To disable admin session downgrade, select disable under the same settings.

Set the Frequency for Caching Users' Private Keys in Browser Local Storage

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Caching select Private Key Caching.
  5. Set private key caching frequency to Always, Never or Let the user decide.
  6. Click Save.
note

Decide if users' encrypted private keys get cached in browser-local storage. Local storage persists through browser restarts and computer reboots.

Enable or Disable the Multi-Factor Authentication (MFA) Caching Upon Login

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Caching select MFA Caching.
  5. Set MFA caching tokens to Always or Never.
  6. Click Save.

Globally Set a Default File Share Duration

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Files select Default File Share Duration.
  5. Under Days, enter the number of days before a shared file key expires when no expiration date was specified by the file owner.
  6. Click Save.

Allow External File Preview Within Browser

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Files select External File Preview (open in new tab).
  5. Under Allow external file viewing, select Yes.
  6. Click Save.
info

To disallow external file viewing, select No under the same settings.

Enable CUI Disclosure On-Screen

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Notices select CUI Disclosure.
  5. Set CUI disclosure display to the top of the page, the bottom of the page and/or as a pop-up modal upon login.
  6. Click Save.
note

You may display the CUI disclosure in multiple positions at the same time.

caution

When CUI disclosure pops up as a modal, all users must accept the CUI disclosure to proceed using tiCrypt.

Implement Terms of Service into the System

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Notices select Terms of Service.
  5. Enter the terms of service in the designated area.
  6. Under How often to display, enter the terms of service global display frequency.
  7. Click Save.
note

The terms of service is displayed to all users at least once when active. All users must agree to the terms of service before being able to log in.

Update Terms of Service

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Notices select Terms of Service.
  5. Edit the terms of service in the blank box area.
  6. Click Save.

Edit Terms of Service Display Frequency

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Notices select Terms of Service.
  5. Under How often to display, edit the terms of service global display frequency.
  6. Click Save.

Preview the Terms of Service Display

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the right panel, under Notices select Terms of Service.
  5. Click the Demo button in the bottom left corner to preview the terms of service.