Security Preferences

Form ID: (SM201060)

You use this form to define security settings for your organization, such as the system password and the lockout policies for the user accounts, encryption certificates, and audit settings.

Form Toolbar

The form toolbar includes standard and form-specific buttons. For the list of standard buttons, see Form Toolbar and More Menu. The form specific buttons are described below.


Button	Description
Configure Azure AD	You can use this button to enable and maintain your instance's integration with Microsoft Entra ID (previously known as Azure AD). For detailed steps on setting up and using Microsoft Entra ID, see Integrating MYOB Acumatica with Microsoft Entra ID.

Summary Area

You use this area to set the password policy, account lockout policy, PDF encryption certificate, and audit settings.

Table 1. MYOB Notification
Element	Description
Enable MYOB Notification	This checkbox is automatically selected for all MYOB Advanced instances. It allows MYOB Advanced users to receive popup notifications with important information about their MYOB Advanced system. For example, notice of scheduled upgrades or bank feed status updates. To choose the types of notifications you receive, go to the Notification Group tab on the User Profile (SM203010) form.

Table 2. Password Policy Section
Element	Description
Force User to Change Password Every x Days	A check box that you select to require periodic password changes; if you select the check box, type the number of days (as an integer) that should pass before a user is prompted to change the password in the corresponding box. To let users leave the password unchanged, clear the check box. By default, this check box is selected.
Minimum Password Length x Characters	A check box that you select to enforce a minimum password length; if you select the check box, type in the corresponding box the minimum password length (as an integer) needed for user passwords. Clear the check box to not require a minimum password length. By default, the check box is selected and the minimum length is 14 characters.
Additional Password Validation Mask	A regular expression that you can enter to enforce the company password policies. For more information about using regular expressions, see Examples of the Usage of Masks and Regular Expressions.
Incorrect Password Alert	The message that the user receives if the password does not match the additional validation mask or regular expression (if any was set in the above box).

Table 3. Two-Factor Authentication Policy Section
This section is available only if the *Two-Factor Authentication* feature is enabled on the Enable/Disable Features (CS100000) form.
Element	Description
Two-Factor Authentication	The state of the two-factor authentication for all of the company's users that do not have their own setting specified on the Users (SM201010) form; select one of the following options: None: Two-factor authentication is disabled. Required: Two-factor authentication is required system-wide. Required for Unknown Devices: Two-factor authentication is required for unknown devices. By default, this box is set to None.
Allow Email	A check box that you select so that the authentication can be performed by an access code sent to the email address specified for a user.
Allow SMS	A check box that you select so that the authentication can be performed by SMS. For you to use this authentication method, an SMS provider needs to be configured on the SMS Providers (SM203535) form.

Table 4. Account Lockout Policy Section
Element	Description
Lock Account After x Unsuccessful Login Attempts	The number of unsuccessful login attempts that will cause the account to be locked out. The default value of this box is 3.
Lock Account for x Minutes	The number of minutes an account should be locked out after the defined number of unsuccessful attempts to sign in. The default value of this box is 15.
Reset Lockout Counter After x Minutes	The number of minutes after the last login attempt must pass before the system resets the lockout counter. The default value of this box is 10.

Table 5. Timeout Settings
Element	Description
Use WebConfig Value	A check box that indicates (if selected) that the timeout value specified in the web.config file will be applied to all tenants in the instance. For details, see To Configure the Session Timeout.
User Inactivity Timeout (Hours)	The time interval of user inactivity after which a user will be forced to sign in again. The default value is 1 h. The minimum value is 15 min and the maximum is 8 h. This box is available only if the Use WebConfig Value check box is cleared.

Table 6. Encryption Certificates Section
Element	Description
DB Encryption Certificate	A read-only info box that displays the certificate used to encrypt data stored in the database.
PDF Signing Certificate	The default certificate to be used for signing PDF files. If a user has their own certificate, PDF files created by the user will instead be signed with the user certificate.

Table 7. Audit Section
Element	Description
Keep Audit History for x Months	An integer that represents the number of months the system should keep the audit history of user operations. The default value of the box is 999.
Login	A check box you select to audit each successful login. By default, this check box is selected.
Login Failed	A check box you select to audit each failed login. By default, this check box is selected.
Logout	A check box you select to audit each logout. By default, this check box is selected.
Screen Accessed	A check box you select to audit each form accessed by users. Attention: The event is logged only once for each form during a user session (when the user first opens the form). By default, this check box is selected.
Session Expired	A check box you select to audit each instance of an expired session. By default, this check box is selected.
License Exceeded	A check box you select to audit each instance of the number of allowed concurrent users being exceeded. By default, this check box is cleared.
Send Email Success	A check box you select to audit each successful instance of a user sending an email through MYOB Acumatica. By default, this check box is selected.
Send Email Error	A check box you select to audit each failed instance of a user sending an email through MYOB Acumatica. By default, this check box is selected.
OData Refresh	A check box you select to audit each instance of accessing MYOB Acumatica data by using the OData interface. By default, this check box is cleared.
Customization Published	A check box you select to audit each instance of publishing a customization on any form. By default, this check box is cleared.
Security Contact Email	The security contact email is used for sending email alerts relating to site security, such as when a supplier's banking details are changed. It defaults to the email address of the site's original billing contact.
Notification Manager	Select someone in your company to receive to receive popup notifications with important information about your company's MYOB Advanced system. For example, notice of scheduled upgrades or bank feed status updates.