Security and Protection for RUN users
With TagoRUN, you can provide actions and methods to increase your application's security and protection for your Run users, as well as make your application comply with the main laws regarding data privacy and security by providing your end-user safeguards to prevent inappropriate access to their personal data.
By accessing your Run module and selecting the tab 'Security and Protection', you will be able to implement and customize how the account delete requests will be processed, enable two-factor authentication, define the requirements for creating passwords, and protect your application against robot activities.
Delete request process
Deleting end-user data is a significant decision for an application, and TagoIO wants to help you make the best choice. In doing so, you can define which processes the user must follow in order to delete their account.
You can choose to enable the following options:
- Send an email to the profile owner: you can receive an e-mail and manually process the request through the User Management module.
- Immediately delete user account: you can consent to TagoIO to process the request and immediately delete the user account.
- Run an Analysis: you can implement a script to analyze and process the requests using Analysis and our SDK.
TagoIO will never remove any Run User data without your consent. To allow the immediate deletion of an end-user, you must activate the option 'Immediately delete user account'.
Two-Factor Authentication (2FA) for End-Users
Enhance the security of your end-users' accounts by implementing Two-Factor Authentication (2FA), which requires not only a password but also a second form of verification that only the user possesses or knows. Once 2FA is activated, users can navigate to their Account Settings to configure their preferred authentication method, similar to the Two-Factor Authentication setup available on Admin.
To enable Two-Factor Authentication, access the Run module, go to the 'Security and Protection' tab, and find the option labeled 'Do you want to enable Two-Factor Authentication (2FA)?'
The following authentication methods can be enabled:
- App Authenticator
- SMS*
- Email*
Additionally, you can mandate that end-users configure at least one authentication method upon login, ensuring an added layer of security.
*Notice that each email or SMS sent to Run users will be counted as 1 transaction from the respective service. Make sure to allocate the right amount of these resources to your profile. Read more about Allocating Resources to profiles.
Password strength
The strength of a password is a measure to define how hard it will be to gain access to an account through brute force or simply guessing. You can define mandatory password requirements for your Run users when they change or create a new account, and the following requirements are available:
- Must contain upper and lower case letters
- Must contain a mix of letters and numbers
- Must contain special characters (@, !, &, ...)
- Minimum length required
To customize the password requirements, navigate to the Run module and click on the 'Security and Protection' tab. Then, locate the option labeled 'What password strength do you want to require?'
Just like other features within TagoRUN, you can customize the appearance and sentences used for these features on mobile and on the web through the Run Theme and Dictionaries & Multi-language.
User session management
You have the flexibility to determine the duration of your end user's session. Once a user signs in, their session will automatically expire after a specified period that you define, requiring them to re-authenticate. This feature is excellent for enhancing security by periodically prompting users to log in again, thereby reducing the risk of unauthorized access.
You can customize the login session by accessing the Run module, navigating to the 'Security and Protection' tab, and locating the option labeled 'How long should the user's session last?'
You can set the session expiration to occur after a specific number of hours, days, weeks, or months, depending on your security requirements and user convenience.
You can customize the login session by accessing the Run module, navigating to the 'Security and Protection' tab, and locating the option labeled 'How long should the user's session last?'
You can set the session expiration to occur after a specific number of hours, days, weeks, or months, depending on your security requirements and user convenience.
Enabling Captcha
Safeguard your application from automated actions by implementing captcha tests during the Sign In and Sign Up processes. This helps differentiate between genuine human users and bots, thereby preventing malicious activities such as web scraping, spamming, and brute-force password attacks.
To activate CAPTCHA, go to the Run module, click on the 'Security and Protection' tab, and find the option labeled 'Do you want to enable captcha?'
To activate CAPTCHA, go to the Run module, click on the 'Security and Protection' tab, and find the option labeled 'Do you want to enable captcha?'
Related Articles
Run Theme
You have the freedom to personalize the look and feel of the RUN interface, allowing you to craft your application using a unique color palette that resonates with your style. To get started, access the Run module and navigate to the Theme tab. The ...Notifications for Users using Analysis
The Analysis is always a powerful tool when it comes to TagoIO, and that does not change for Notifications. Here you will learn how to send a notification for your TagoRun users using Analysis, how to use buttons, and how to handle user decisions ...Notifications for Users
You can push notification messages directly to the users registered in your TagoRun application. This article will guide you on how to send notifications to your users using Actions or Analysis. Notifications for users are not much different from ...User Engagement
You can also use third-party analytic tools to track and engage with your RUN users. The Integration module located in the RUN session enables an easy setup with lead softwares like Google Analytics and Zoho. Some softwares will bring more than ...Zoho SalesIQ
You can easily integrate your RUN application with Zoho SalesIQ to track and engage users. All you need to do is to use your SalesIQ key in the RUN setup. To integrate, just follow these steps: Create an account at www.zoho.com/salesiq/ Copy the ...