How to Manage Account Security

Overview
This article gives an overview of user-level security protections in Upmind. We will cover:

1. Login Attempts and IP Address Whitelists
2. File Upload Types
3. Two-factor Authentication
4. Password Resets

To secure your data, Upmind has a security menu under Settings, as an Admin and Staff you can manage it. Here are the steps you might follow:

1. Login to Upmind
2. Go to Setting
3. Find Security under Branding and Customisation Heading. Then you can manage login attempts, IP Whitelist, and File Upload Types you might receive from your client.

How to Manage Login Attempts and IP Whitelist

This section allows you to configure login security.

1. Login to Upmind
2. Go to Settings and find Security.
3. Then you can manage login attempts and IP Whitelist on the column.

How to find out my IP address
If you want to find your IP address, then you can go to the website ip.me.uk

Setting IP access allows on a per-user basis
IPs can also be allowed on a per-user basis under the staff control panel. This can also be done on a per-API token basis. Please note that this overrides the global IP Whitelist for that user.
As an administrator, you can add a staff user under Settings -> Staff Users then add staff.

How to Manage Two-factor Authentication
Upmind also has Two-factor authentication as an additional layer of security to your account; once enabled, your account will be protected by both your password and a time-sensitive code.
By default, it’s not active so if you want to activate 2-step verification, here are the steps:

1. Login to Upmind account.
2. Go to the dashboard and click your email in the left bottom corner.
3. Choose My Account, then click Security.
4. Scroll down to find 2-Step Verification and click enable.
5. On the next screen, there will be a barcode that you need to scan using your phone or authenticator app and if you’re using a mobile phone then you can click the link given to get the code.
   Fill the generated code and now 2-step verification is active.

How do I reset my 2FA if I have lost my authenticator?
If you have lost your 2FA code you can ask another administrator on your account to reset your 2FA access. If there are no further administrators or no one can get in, then you will need to raise a ticket with Upmind support who can take you through advanced authentication.

How to Reset a Password as a Staff Admin
If you want to reset a password, here are the steps:

1. Login to Upmind
2. On the dashboard, click your email in the left bottom corner.
3. Choose My Account and click Security.
4. Then you can change your password by filling in your old and new password
   Make sure you have a strong password that contains at least 8 characters, one letter, and one number.
   Click change password. Now your password has been updated.

Just in case you forgot your password and can’t log in to your Upmind account, then you can request to update your password on the login page.

1. On the client login page, click “Forgot your password?”.
2. Fill in your email and click “Send reset”.
3. The verification link has been sent through your email, click the link given to reset your password.

How to Manage Upload File Types
This is in relation to support tickets and what files can be sent via support ticket. While we virus scan all attachments (and flag errors if virus scans are not successful), it is wise to restrict attachment types to those you would expect to receive.

1. Login to Upmind
2. Go to Setting
3. Scroll down to find File Uploads.
4. Manage the Denied Download by Scan Status by thickening the box.
   Then thick the box which file upload you’re going to receive and allow your customer to upload in the client area (you’re allowed to thick all the file types).