Start Free trial

Articles in this section

See more →

Configuring Security Settings in Your VWO Account

Vaibhav Singh
  • Updated
Share:
Follow
close this to read article

Web applications contain resources that can be accessed by many users. To protect resources from unprotected access over the Internet, VWO provides various security measures. You can configure the security by clicking the gear icon on the top right and going to the Account > Security section.

VWO typically provides security in the following ways:

Login and Access

In VWO, you have the following option to manage the login and access of your account:

  • Allow VWO team to access your account
    Sometimes, the VWO support team may need access to your account temporarily to resolve issues related to your account. Accessing your account settings helps our support members to diagnose and troubleshoot your issue faster and better. If you do not wish to allow access to the VWO support team, uncheck this option.
  • Expire user's passwords in 90 days
    Enabling this option ensures that all the users reset their VWO password at least every 90 days. Passwords older than 90 days automatically expire, and the users cannot log in unless they change it. Users are notified over the mail with a link to reset their password before the existing password expires.
  • Log users out of VWO after 15 minutes of inactivity
    Enabling this option ensures that all users are logged out of VWO after 15 minutes of inactivity. Users have to log in again to continue using the app.
  • Prevent users from reusing last <> passwords while resetting
    Enabling this option allows you to set a numerical limit to restrict users from reusing the previous passwords.
  • Prevent users from reusing a password that was used in the last <> days while resetting
    Enabling this option allows you to set a periodical limit to restrict users from reusing the previous passwords that were used within the specified number of days.

Alerts

Set email alerts for account administrators (Admins of the main workspace) to receive notifications for your VWO account-related activities like successful or unsuccessful login attempts and changes made to your VWO account. You can add multiple users to receive alerts on your account activities.

Allow login from specified IP addresses and Locations

With this, you can limit the IP addresses or locations that can access your account. This can be done by providing one or multiple IP addresses in the Allow login if IP address matches the following (add IP addresses separated by new line) field or by specifying one or multiple locations in the Allow login if location matches the following field present in Settings > Accounts > Security section of your VWO account.
To learn how you can do this in your VWO account, refer to Enable Users to Log in to VWO From Specified IP Addresses and Locations.

NOTE: You can use regular expressions to specify IP address patterns. For example, to enable access for all IPs matching the pattern "201.67.99.*", enter the regular expression as "201\.67\.99\..*". To type a range of IP addresses, use regular expressions for IP addresses. To learn how to build a regular expression, refer to How to Build your IP Regular Expression.

Extract/Delete Data For a Specific UUID

VWO saves visitor data against a UUID, which is created and saved on the visitor’s browser cookie. UUIDs are unique IDs that identify your website visitors and are different for each browser. To Access/Delete the data, provide the value in the UUID field present in Settings > Accounts > Security. To locate your UUID, refer to How to Locate your VWO UUID.

NOTE: As soon as your Access/Delete request is received by VWO, the VWO support team will contact you.

Support Ticket Access

While adding users to your VWO account, you can assign them to multiple workspaces as required, along with the corresponding access permissions for them. However, if adding certain users to your VWO account is not feasible, you can use this option to whitelist the respective email addresses or domains and authorize them for contacting the VWO support team.

Account Owners or Admins can authorize such users by adding them under Settings > Accounts > Security > Support Ticket Access > Whitelisted domains and emails. This action lets you specify which email addresses or domains your organization will use to contact the VWO support team. It ensures that users added here are whitelisted and can reach out to the VWO support team for seeking and receiving timely assistance.

VWO requires whitelisting to prevent unauthorized access and ensure account-related information is shared only with known and approved contacts of an account. It also helps maintain account security, as support queries from unrecognized or unregistered users are blocked and not entertained.

Note: This option applies only to unregistered users, email addresses, and domains that cannot be added to your VWO account. Registered users do not need to be whitelisted.

Single Sign-on

Single Sign-on (SSO) is an authentication process that allows a user to access multiple applications with one set of sign-in credentials. To know more about SSO, refer to Single Sign-on in VWO.

Was this article helpful?

Return to top

Related articles