Recorder Security Settings
To manage the security of the TechSmith Relay recorders, you can choose to enable or disable the following options.
Ignore Server Certificate Errors
If your server certificate is invalid, TechSmith Relay notifies you on the Dashboard and the Recorder Security settings page.
Enable this option if you need to let the recorder connect to the server even if the server has an invalid server certificate. When enabled, the TechSmith Relay recorders ignore all server (SSL) certificate errors when connecting to the TechSmith Relay server.
Important: This option should be used as a temporary solution as it reduces the security of the TechSmith Relay server.
- Disable this option if you have security concerns and want to be sure that recorders only connect when there are no SSL certificate errors.
More information about certificate errors:
When you change this option, TechSmith Relay recorders will be unavailable until they are rebuilt to reflect this security change.
It may take several minutes before the TechSmith Relay recorders are again available for download. Allow about five minutes for the updated recorders to be available on the System > Download Recorders page.
- Recorders downloaded before changing this option cannot connect to the server and must be updated. Please inform presenters that they must download and install a new recorder from the TechSmith Relay website. Presenters are not informed automatically.
Expire Recorder Authentication Codes
Enable this option to have presenter authentication codes expire. This can prevent an attacker from learning a presenter’s code, posing as the presenter, and sending requests to the server.
Note: This may affect presenters that select Remember me in the recorder. When the authentication code expires, the presenters need to log in again.
Forgot Password Settings
You can allow users to change forgotten passwords. Set the amount of time (in minutes) that a change password link is active and how often users can request a new password.
Account Lockout Settings
You can allow accounts to lock after a given number of failed logins. Also set the length of time to lock an account, how often to reset login attempts, and whether users can unlock accounts using CAPTCHA.
CAPTCHA Option to Unlock Accounts
CAPTCHA uses distorted text in an image to help protect websites from malicious computer programs. CAPTCHA helps to make sure a person trying to access the website, not a computer program.
Enable this option to allow users to unlock their accounts by typing in the distorted text shown in the image. Using this option should help to cut down on emails to administrators by users locked out of accounts.
Create rules for password complexity that adhere to organization standards. You can set the following password attributes:
- Password character length
- Uppercase and lowercase character requirements
- Letters and numbers requirements
- Special character (~!@#$%^&*.-_+?;) requirements