Skip to main content

System Settings

Legend
  • Click the Places this appears button to view where the setting is located in the system.
  • The top-right panel previews your changes in the system.
  • Use cards and sections to navigate the system settings.

Add Login Logo in the Login Page

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Logo card.
  5. Select the Login logo section.
  6. In the right panel, under Image URL, paste the login logo image link.
  7. In the bottom-right, click Save.

Minimum Size and Format for the Login Page Logo Picture

Minimum logo size should be 280px X 600px (height X weight) in a web-supported format. Images as vector files such as .epsand .svg are preferred.

Set Pre-Defined Login IDs for New User Account Registration

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Logo card.
  5. Select the Login IDRegEx section.
  6. In the right panel, under Regular Expression, enter a pre-defined login ID for new user accounts.
  7. In the bottom-right, click Save.
info

Login ID Regular Expression controls which IDs are valid upon registration. If a login ID does not match the regular expression, user will not be able to register. When left empty, login IDs containing, letters, numbers, and symbols will be allowed.

tip
  • You should restrict login ID regular expressions to your institution domain. Example: for users with @ticrypt.com domain enter the expression ^[^@]+@ticrypt.com$.
  • You may also revoke certain characters while keeping the standard expression for your institution domain. Example: [a-ZA-Z0-9!_~\.]+(@ticrypt\.com|@nowhere\.com).

Display a Global Login Message

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Logo card.
  5. Select the Login Message section.
  6. In the right panel, tick Show a login message.
  7. Enter the message icon, severity and expiration date.
  8. Under Message, enter the login message.
  9. In the bottom-right, click Save.
info
  • The login message is visible to all users in the system.
  • If you do not set an expiration date, the global message remains permanent.

Specify a Front-End URL for Automatic tiCrypt Last Version Updates

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the Update URL section.
  6. In the right panel, under the Update URL field, enter the URL for automatic last version updates.
  7. In the bottom-right, click Save.
info

The Update URL allows tiCrypt Connect to check for updates in the front-end.

tip

Point the URL to a JSON file containing the latest version number and download URL for the latest front-end version.

Specify External Servers URLs for SFTP Inbox Endpoint Encryption

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the External Servers section.
  6. In the right panel, under SFTP Inbox Endpoint Servers, enter the domain or IPv4 address to configure tiCrypt CORS.
  7. Click Add.
  8. In the bottom-right, click Save.
note

This operation is necessary for the front-end to communicate with first-party external servers for SFTP inboxes. The servers must understand SFTP and be able to encrypt/forward data to tiCrypt inboxes.

Specify Survey Deployment Server Domains or IPv4 Addresses for Submitting Encrypted Surveys

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the External Servers section.
  6. In the right panel, under Survey Deployment Servers, enter the domain or IPv4 address to point tiCrypt CORS configuration.
  7. Click Add.
  8. In the bottom-right, click Save.
note

This operation is necessary for the front-end to communicate with first-party external servers for public surverys. The servers must host a web interface for filling out and submitting E2E-ecrypted surveys.

Remove Server Domains or IPv4 Addresses for Encrypted SFTP Inbox Endpoints and Public Surveys

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the External Servers section.
  6. In the right panel, under SFTP Inbox Endpoint Servers and Survey Deployment Servers, view the server domains and IPv4 addresses to remove.
  7. Click Delete.
  8. In the bottom-right, click Save.

Specify URLs Allowed Through tiCrypt's XSS Protection

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the XSS Headers section.
  6. In the right panel, under XSS allowed links, enter the domain or IPv4 address to allow through tiCrypt XSS protection.
  7. Click Add.
  8. In the bottom-right, click Save.

Specify Image Sources Allowed Through tiCrypt's XSS Protection

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the XSS Headers section.
  6. In the right panel, under XSS allowed image sources, enter the domain or IPv4 address to allow through tiCrypt XSS protection.
  7. Click Add.
  8. In the bottom-right, click Save.

Remove Server Domains or IPv4 Addresses from tiCrypt's XSS Protection Whitelist

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Servers card.
  5. Select the XSS Headers section.
  6. In the right panel, under XSS allowed links and XSS allowed image sources, view the server domains and IPv4 addresses to remove.
  7. Click Delete.
  8. In the bottom-right, click Save.

Edit the User Inactivity Period Before Their Private Key is Cleared from Memory

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Timeouts card.
  5. Select the Private Key Timeout section.
  6. In the right panel, under Minutes, enter the number of minutes before the user's private key is cleared from memory.
  7. In the bottom-right, click Save.

Edit the User Inactivity Period Before Their Front-End Terminates the Session

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Timeouts card.
  5. Select the Session Timeout section.
  6. In the right panel, under Minutes, enter the number of minutes before the front-end terminates the user session.
  7. In the bottom-right, click Save.

Allow Copy to Clipboard for User Roles

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the User card.
  5. Select the Copy Settings section.
  6. In the right panel, under Copy to Clipboard, select between Nobody, Super-Admins only,Admins+, Sub-admins+, or Everybody.
  7. In the bottom-right, click Save.
note

The Copy to clipboard is global for all Copy buttons in the system.

Add User Helpdesk Resources in the Top-Right Menu

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the User card.
  5. Select the User Helpdesk section.
  6. In the right panel, on the left column, under Label, enter the display text for the helpdesk resource.
  7. On the right collumn, under Link, enter the URL or phone number of the helpdesk resource.
  8. In the bottom-right, click Save.
note

The user helpdesk will display front-end data in the Open User Menu in the top left corner.

Edit the Global Password Strength Requirements for New Users

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the User card.
  5. Select the Password Strength section.
  6. In the right panel, set the password strength to Anything, Weak, Decent, Strong, or Very Strong as necessary.
  7. Once done, click Save.
info

Password strength requirements apply only to new users. Current users must update their passwords.

Set Inbox URLs for Non-User Uploads into the Vault

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the User card.
  5. Select the Inbox URL & max duration section.
  6. In the right panel, under Inbox URL, enter the inbox URL address to allow non-users to connect to tiCrypt inboxes.
  7. In the bottom-right, click Save.
info

Use qualified URLs where the web interface for uploading to an inbox is actively hosted.

Set Maximum Allowed Inbox Token Duration for Non-User Uploads into the Vault

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the User card.
  5. Select the Inbox URL & max duration section.
  6. In the right panel, under Maximum allowed inbox token duration (days), enter the maximum number of days allowed for tiCrypt inboxes.
  7. In the bottom-right, click Save.

Enable Admin Session Downgrades for a Limited Time

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the User card.
  5. Select the Admin Session Downgrade section.
  6. In the right panel, set admin session downgrade to Enable.
  7. In the bottom-right, click Save.
info

To disable admin session downgrade, select Disable under the same settings.

Set the Frequency for Caching Users' Private Keys in Browser Local Storage

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Caching card.
  5. Select the Private Key Caching section.
  6. In the right panel, set private key caching frequency to Always, Never or Let the user decide.
  7. In the bottom-right, click Save.
note

Decide if users' encrypted private keys get cached in browser-local storage. Local storage persists through browser restarts and computer reboots.

Enable or Disable the Multi-Factor Authentication (MFA) Caching Upon Login

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Caching card.
  5. Select the MFA Caching section.
  6. In the right panel, set MFA caching tokens to Always or Never.
  7. In the bottom-right, click Save.

Globally Set a Default File Share Duration

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Files card.
  5. Select the Default File Share Duration section.
  6. In the right panel, under Days, enter the number of days before a shared file key expires when no expiration date was specified by the file owner.
  7. In the bottom-right, click Save.

Allow External File Preview Within Browser

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Files card.
  5. Select the External File Preview (open in new tab) section.
  6. In the right panel, under Allow external file viewing, select Yes.
  7. In the bottom-right, click Save.
info

To disallow external file viewing, select No under the same settings.

Enable CUI Disclosure On-Screen

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Notices card.
  5. Select the CUI Disclosure section.
  6. In the right panel, set CUI disclosure display to the top of the page, the bottom of the page and/or as a pop-up modal upon login.
  7. In the bottom-right, click Save.
note

You may display the CUI disclosure in multiple positions at the same time.

caution

When CUI disclosure pops up as a modal, all users must accept the CUI disclosure to proceed using tiCrypt.

Implement Terms of Service into the System

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Notices card.
  5. Select the Terms of Service section.
  6. In the right panel, enter the terms of service in the designated area.
  7. Under How often to display, enter the terms of service global display frequency.
  8. In the bottom-right, click Save.
note

The terms of service is displayed to all users at least once when active. All users, regardless of role must agree to the terms of service before being able to use tiCrypt.

Test the Terms of Service Display

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Notices card.
  5. Select the Terms of Service section.
  6. In the right panel, click the Test dialog button in the center right to preview the terms of service.

Download the Terms of Service

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Notices card.
  5. Select the Terms of Service section.
  6. In the right panel, click the Test dialog button in the center right.
  7. In the terms of service pop-up, click Download.
  8. In the local prompt, select the download destination folder.
  9. Click Save.
note
  • If you select Decline in the Terms of Service pop-up, you are redirected to your login page.
  • If you select Accept in the Terms of Service pop-up, you are allowed to use the system.

Enable Track Drive Backup

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Miscellaneous card.
  5. Select the Track Drive Backup section.
  6. In the right panel, select Yes to enable track drive backup.
  7. In the bottom-right, click Save.
note
  • The external API will add backup information for the drives. This does not enable tiCrypt backup; it only tracks backup information for external use.

Disable Track Drive Backup

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the System Settings in the left panel.
  4. In the top center, click the Miscellaneous card.
  5. Select the Track Drive Backup section.
  6. In the right panel, select No to disable track drive backup.
  7. In the bottom-right, click Save.