Ziflow administrators can enable security settings that vary by plan level.
Depending on the type of your Ziflow subscription, you may see different options:
Allow embedding the Ziflow application - embedding the Ziflow application in an iframe makes it susceptible to the click-jacking security vulnerability. You can decide which parts of Ziflow could be embedded:
Allow to keep users logged in - if enabled, users can select the “Keep me logged in” option when logging in to the platform, which will keep their session for 7 days.
Keep authentication session - this setting lets you define after what time the user session is stopped. (Enterprise edition only)
Disable user account when inactive - this option automatically disables inactive users after a set time. (Enterprise edition only)
Account lockout - when turned on, users will be locked out when 5 times provide the wrong password. System admins may enable the locked-out users. The feature is not supported if users are authenticating with SSO.