Protecting SA accounts

There are several ways to secure your Specops Authentication account. With the Geoblocking feature you can prevent requests based on IP addresses or the country of origin. Specific IP addresses can also be designated as trusted, which can affect how a user is required to authenticate themselves. There is also the option to prevent scripted log-in attempts by using Captcha.

Geoblocking

If you configure Geoblocking to, for example, only allow requests from a certain country, requests that are not from the configured country will not be allowed to even attempt to log in. The Geoblocking feature is described here.

Trusted Network Locations

By using the Trusted Network Locations feature you can designate certain IP addresses as trusted. You then have the option to only allow enrollment from these trusted locations. It is also possible to require additional factors when authenticating, for requests that come from untrusted locations, by using the Trusted Network Locations identity service in an authentication policy. Read more about Trusted Network Locations here.

CAPTCHA

To prevent scripted log-in attempts you can set up CAPTCHA. Specops Authentication uses the Google reCapthca technology. If this system suspects that a session might be initiated by a bot, the user will be challenged with something that bots have a hard time solving, like describing what is in a picture.

CAPTCHA can be turned on or off, and turning it on means that normal users may have to perform the challenge in some cases. Captcha can also be combined with Trusted Network Locations, by setting it to only challenge requests from untrusted locations. Please see the Account section on this page for more information about the CAPTCHA settings.