Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Section


Column
width20%

Excerpt Include
Product Webinars
Product Webinars
nopaneltrue


Column
width80%

Introduction

This document provides an overview of the LiveVox password management functionality. It also includes general guidelines for the client level SFTP credentials.  

Password Management

Tip
iconfalse

Table of Contents

exclude

maxLevel3

Introduction

minLevel

Password Management features

3

General Guidelines

Below are the general guidelines for LiveVox portal and agent portal access:

Info
iconfalse

Anchor
unp
unp
Username and Password

Username and password are case sensitive.

With

 Restrictions on the password

management feature enabled, the following restrictions are implemented.

are listed below. 

  • Password strength is selectable at three levels:
    • Medium:  User and agent passwords must be a minimum of eight characters in length containing at least one digit , and one letter, and must .  The password should not match the previous four passwords for that user or agent credential.
    • Strong: User and agent passwords must be a minimum of eight characters in length containing at least one digit, one letter, and one special character, and must . The password should not match the previous four passwords for that user or agent credential.
    • Very Strong: User and agent passwords must be a minimum of twelve characters in length containing at least one digit, one letter, and one special character

      , and must

      . The password should not match the previous four passwords for that user or agent credential.

      Note
      Special characters supported are the

      The following ASCII printable special characters

      and they

      are supported:  (space) ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~


  • Permitted voice portal users can set the account password temporarily and force the users or agents to change the password on the first login or when the password is updated. If permitted voice portal users change the password for their own user account, they are not prompted to change the password. This feature is configurable at the client level and applied to both users and agents.

  • User and agent passwords expire after a specified period. The timeframe is configurable at the client level, is set to 90 days by default, and applied to both users and agents.

  • The system locks

    Password management will lock

    out users and agents after a number of failed login attempts. The allowed number of failed logins is configurable at the client level for users and agents. By default, both users and agents are allowed 5 failed logins. This is configurable at the client level.

  • Passwords are encrypted for all users, meaning that passwords are not stored in clear text anywhere in the system including the database.

    LiveVox uses AES-256 encryption.

Anchor

SFTP site access:

sftp
sftp
SFTP Site Access

Users can upload campaign files or retrieve generated reports from their LiveVox SFTP site. LiveVox uses the SFTP protocol by default.

 

If you require FTP instead, contact your Account team to request this functionality.

  • If you are please contact Client Services -  client-services@livevox.com.If utilizing the voice portal's integrated FTP Browser, a user's voice portal credentials are used (password requirements described above).
  • If you are utilizing a 3rd party SFTP browser application, specific SFTP credentials provided by LiveVox are used. These credentials adhere to the following standards:
    • SFTP usernames and passwords are case sensitive.
    • SFTP passwords must be a minimum of eight characters in length and contain at least 1 digit.
    • SFTP passwords do not expire.
    • SFTP encrypts commands and data both, preventing passwords and sensitive information from being transmitted in the clear over a network.

Security Settings

Users in the Sysadmin role can manage LVP and Agent LiveVox Voice portal users and agents password security settings in through the Security tab of the Client editor. 

Client editor - Security Tab
Image Added

Sysadmins have the option to configure the following options for LVP LiveVox Voice portal users and agents:

  • Password  Expire  Days - Set Password Expire Days: Allows you to set the number of days for the password expiration. Applies to both users and agents.

    Note

    When implementing a password expire period for the first timeor time or reducing the number of days in the current period, it is recommended that all agents be logged out to prevent any call interruption due to password expiration. In addition, if your portal uses any LiveVox Custom Applications (Scripter, for example) or you are unsure if you have integrated these types of apps, please reach out to applications, contact your Account Management team before adding, removing, or making any changes to the Password Expire Period password expire period as this may might interrupt any active LiveVox Custom Applications.


  • Max Failed Login Attempts - Set : Allows you to set the number of password attempts after which the user or agent will  be  locked  gets locked out. The value of Max  Failed  Login  Max Failed Login Attempts LVP and Max  Failed  Max Failed Login Attempts Agent must be between 1 and 9. Zero, null, and characters are invalid.
  • Browser Session Security - If selected, user will have to : If enabled, users must log back in any time the browser is closed.
  • Password Strength- Slide Slide the arrow on the bar to select one of the following levels:

    • Medium - Password : Passwords must be a minimum of eight characters in length containing at least one digit , and one letter, and . Passwords must not match the previous four passwords.

    • Strong - Password : Passwords must be a minimum of eight characters in length containing at least one digit, one letter, and one special character, and . Passwords must not match the previous four passwords.

    • Very Strong - Password : Passwords must be a minimum of 12 characters in length containing at least one digit, one letter, and one special character, and must . The password should not match the previous four passwords.

  • Admin Set Passwords Are Temporary-: If selectedenabled, then the system forces the users or agents to change the password on the first login or when the password is updated. Once they login log in with the temporary password, they will be are asked to change the password.Client editor - Security Tab
    Image Removed 

Setting up Agents and Users

Info
iconfalse

Anchor
newagent
newagent
Adding a New Agent

If the password does not contain the required or greater number of characters, does not contain a mixture of characters and numbers, or matches one of the previous four passwords, the user configuring the agent gets the following errors, after clicking the Save button.

  • If the password has less than the required number of characters, the user configuring the agent gets the following error:
    Adding a new agent:If  the  password  is  not  8  characters  or  greater,  does  not  contain  a  mixture  of characters  and  numbers,  or  matches  one  of  the  previous  four  passwords,  the  user configuring a new agent will get the following error, after clicking Save.
    Failure to save agent
    Image Modified
  • If the password has no digits but characters only, the user configuring new the agent will get gets the following error:
    Failure to save agent
    Image Modified
  • If the password has no characters but digits only, the user configuring new the agent will get gets the following error: 
    Failure to save agent
    Image Modified

Similarly, adding a new user.

If the password is not 8 characters or greater, or does not meet the password requirements; the user configuring new user will get the following error, after clicking Save.
  • If the new password matches with one of the previous four passwords, the user configuring the agent gets the following error:
    Failure to save agent
    Image Added

Anchor
newuser
newuser
Adding a New User

Similar to agent password errors, if the user password does not contain the required or greater number of characters, does not contain a mixture of characters and numbers, or match one of the previous four passwords, the user configuring the agent gets an error, after clicking the Save button.

The below screen shows the example of the saving error as a password is not having the required number of characters. The user configuring the agent gets the following error:
Failure to save new User
Image Modified

Logging In

Info
iconfalse
Agent Login (via

Anchor
agentlogin
agentlogin
Agent Login

Agents can log in through the agent link provided by LiveVox

)

. Enter Login ID and Password

. Click

 and click the Next button to log in.
Agent Login

Image Modified
User login (via

Anchor
userlogin
userlogin
User Login

Users can log in through the user link provided by LiveVox

)

. Enter

the

the Client Code, User Name, and Password

. Click Login buttonto

 and click the Login button to log in.
User  Login
Image Modified

For more information onfailed login

If you are unable to log in, see the Failed Logins section.

If  the  account  passwordis  set 


Info

If the account password is set temporarily,

 

then

the  system forcesthe  users  or  agents 

the system forces the users or agents to change the password on the first login or when the password is updated. Once they

login

log in with the temporary password, they

will be

are asked to change the password. For

changing

resetting the password, see Resetting Expired

Passwordsection

Password section. If the Dual Factor Authentication (DFA) functionality is enabled, see Changing

passwordssection

Password with DFA section for more information.

Anchor
REP
REP
Resetting Expired Password

When the password expires, agents and users will get an error on their screen as they try to log in. New A new password cannot be the same as the last four passwords.

Agents

Info
iconfalse

Anchor
agentexppass
agentexppass
Agent

The below screen shows the expired agent password error along with the Change Password pop-up.
Agent sign in for expired password

Image Added

Steps to reset the agent password:

  1. Enter the current password.
  2. Specify the new password

  1. .
  2. Re-type the new password.
  3. Click the Submit button to reset your password. 

Anchor
userexppass
userexppass
User

Users 

The below screen shows the expired user password message and options to set the new password.


User password expired
Image Modified

To reset the user password, follow the procedure below:

  1. Enter the current password in the Old Password field.
  2. Specify the new password in the New Password field.
  3. Re-type the new password in the Retype Password field.
  4. Click the CHANGE button to reset your password.

Anchor
FP
FP
Failed Logins

Agents :

Info
iconfalse

Anchor
agent
agent
Agent

The below Agent Sign In screen displays the

The Agent login screen displays

error message when an invalid password is entered by an agent.
Agent login failed
Image Modified

If an agent attempts to log in with the wrong password more times than the site’s

configured 

configured limit,

  the  agent  will  be  locked  out and  presented  with  the  following

the agent is locked out and presented with the below screen:
Agent account locked
Image Modified


Users

Anchor
user
user
User

The user login screen displays the

following

message when an invalid password is entered by the user.
Unsuccessful User login
Image Modified

If a user attempts to log in with the wrong password more times than the site’s configured limit, the user will be locked out and presented with the

following

below screen:
User account locked
Image Modified

Anchor
uuaa
uuaa
Unlocking User or Agent Account

To unlock the user or agent, permitted user can double click on the lock icon and confirm the action from User or Agents editor.
Example of unlocking the locked agent
Image Modified

Changing the Password

Users and agents can change their password after they log in.

Info
iconfalse

Anchor
agentpass
agentpass
Agent

Agents can change the password from the Agent Desktop. To change the password, follow the procedure below:

  1. Select the Change Password option from the top-right drop-down menu in the Agent Desktop. 
    Change Password Option
    Image Added
  2. Agents are presented with the Change Password pop-up.
    Change Password Pop-up
    Image Added
  3. Enter the current password.
  4. Specify the new password.
  5. Re-type the new password.
  6. Click the Submit button. The new password becomes effective immediately.

Anchor
userpass
userpass
User

Users can change the password from the LiveVox Voice Portal. To change the password, follow the procedure below:

  1. Select the Edit User option from the profile picture drop-down menu in the upper right corner of the LiveVox Voice portal. The User details screen appears.
    Edit User Option
    Image Added
  2. Click the Change Password link on the User details screen. The Change Password screen appears.
    Change Password Option
    Image Added
  3. Specify the new password in the Password and Confirm Password fields.
  4. Click the OK button.
  5. Click the Save button from the User details screen to complete your password update. The new password becomes effective immediately.

Anchor
DFA
DFA
Dual Factor Authentication

Dual Factor Authentication (DFA) is a type of Multi-Factor Authentication , where essentially the second level of authentication by user is required for a successful login, and this . The second password is an OTP (One Time Password).

Note
  • Please contact LiveVox Client Services

    Contact your Account team to enable the Dual Factor Authentication option and specify Max Failed Login OTP Attempts.

  • Dual Factor Authentication is not available for agent login.
  • Second-factor authorization is not supported via through email, SMS, and voice message.

An Admin administrator can enrol enroll a user for dual-factor authentication. To enrol enroll the user for DFA, navigate to Configure >System > Double click the user > General Tab. Click the Enroll button. You are presented with the following messageA success message appears.
DFA Enrollment for User
Image Modified

Once the enrollment option is enabled by Adminthe Administrator, the user’s enrollment will be is in pending activation status which is displayed in the OTP column of the User editor.
User Account Pending Activation
Image Added

The user is required to complete this activation process upon login. 
User login for with Dual Factor AuthenticationUsers  must  authenticatetheir  loginwith  an  OTPgenerated via Desktop  Application 
Image Added

Note

Users must authenticate their login with an OTP generated via Desktop Application (WinAuth), mobile application (Google Authenticator, OKTA, etc.), or hardware token.

User login (User’s enrolled for

DFAonly

DFA)

.

The

following

below screen displays when the user is enrolled for DFA and submits the login credentials:

 


QR Code for OTP Activation
Image Added

  • Desktop Users
    Users are required to add the QR code in WinAuth to generate the OTP. Enter the OTP obtained via through WinAuth application to continue the login process. For details more information on the usage of WinAuth, see the Setting up WinAuth Application for Dual Factor Authentication section.
    Anchor
    OTPTA
    OTPTA
    OTP verification
    via through WinAuth
    Image Added
  • Mobile Users
    Users are required to scan the QR codeto code to continue the login process. The Then the user receives an OTP via through a mobile application (Google Authenticator, OKTA, etc.) and is presented with the following screen:. Enter the OTP obtained through the mobile application to log in. 
    One Time Password verification
  • Once the OTP is entered by the user the login process continues.
  • If  there  are  failures,  they are counted  against  the  maximum OTP  failure  count  and eventually Image Added
Note

If there are failures, they are counted against the maximum OTP failure count and eventually, the account gets locked

and the user needs to

. The user must contact the

Admin

Administrator to unlock the account.

OTP Enrolment Status

The User editor's User Grid displays a column to indicate the OTP (One Time Password) Enrolment Status. Hover the mouse over the icon displayed in the OTP column to get the description of the OTP Enrolment Status.
User editor -enrolment status

Changing passwords

Image Added

Anchor
CP
CP
Changing Password with DFA 

The users enrolled for Dual Factor Authentication require a valid OTP token to change the password. The login process continues upon successful validation. The OTP token validation failure is counted against the maximum OTP failure count.

Resetting

locked accounts

Locked Accounts

The User editor displays a lock icon for a user locked due to exceeding the maximum attempts of password or OTP. To unlock the user, permitted

user

users can double-click

on

the lock icon and confirm the action.

Anchor
SUW_APP
SUW_APP
Setting up WinAuth Application for Dual Factor Authentication

The WinAuth application can be used by Desktop users to generate OTP

for 

for second-level verification. Follow the below

procedure

steps for the initial set up of the WinAuth Authenticator. 

  1. Download the WinAuth app by clicking https://winauth.github.io/winauth/.
  2. Once downloaded, double click the WinAuth application to set up a new Authenticator:
    WinAuth Application
    Image Added
  3. Click the Add button to set up an
Authenticatorand you will be presented with the
  1. Authenticator. The Add Authenticator window appears.
    Adding a new Authenticator
    Image Added
  2. Specify the required information on the Add Authenticator window.
    Configuring Authenticator details
    Image Added
    The Add Authenticator window allows you to configure the following fields:
    1. Enter the name of the Authenticator in the Name field.
    2. Copy the QR code displayed on OTP Activation screen of LiveVox Portal into WinAuth application.
    3. Set the authenticator type
astime
    1. as time-based.
Clickthe Verify Authenticatorbutton in order
    1. Click the Verify Authenticator button to preview the first generated code
.
Do not click Ok button in the Add Authenticator window at this point.
Configuring Authenticator details
    1. .
    2. Click OK. A Protection screen to lock the WinAuth application appears.
    3. If you want to lock the application, set a Password, and click OK. Use WinAuth to verify the OTP.
      Protection config
      Image Added
  1. Close the OTP Activation window
and you will be prompted with Enter OTP window as shown in Figure 17
  1. of the LiveVox portal. You are prompted to enter OTP as shown in OTP verification through WinAuth screen, where you can enter the code presented on the WinAuth
.

Once done, click Ok button on the Add Authenticator screen of WinAuth and you will be presented with the following screen to lock the WinAuth app, if you wish to lockthe app.
Protection config

Set the required Password and click Ok button on the Protection config and use WinAuth to verify OTP as normal
  1. application.