Restricting Access by IP Address with Alternate Authentication Options

[support]

Purpose:

You can restrict access to your Passwordstate website, by only allowing users to log on if they are within a specific network range.  If they are outside this IP range, then you can force the user to use a two factor authentication, to add extra security.

 

Example:

For all of the users in your company, you can allow them to log into Passwordstate, with the simplest log on method "Pass Through Authentication", if they are on an internal IP range.  If they are attempting to access Passwordstate from an computer outside your network, then you can either completely deny them access, or set up a two factor authentication.  

 

How Do I Do This?

• Log into Passwordstate as a Security Administrator
• On the Administration menu click on System Settings
• Click the allowed ip ranges TAB
• Enter in the all of the IP ranges for your internal into Web Site Allowed IP Ranges.  Specify as many as you need to cover them all
• Choose the Authentication Option, which will become effective if the user is accessing Passwordstate outside of the allowed IP ranges

 

 

Note:

By default, Passwordstate would not be accessible from the outside world unless you configured your company firewall to all it.