Your ISPnext account is valuable, as it provides you access to sensitive information (including personal data) that you must handle with care. The following tips will help you keep your account secure.
Do not reuse passwords
If you use your ISPnext password on other websites or services as well, the security of your user account may be at risk.
- Avoid reusing passwords, and do not use the same password across multiple websites and services.
- Use a strong, long password with letters, numbers and special characters.
- Use a password manager.
Enable two-step verification
Two-step verification is a useful additional measure to make your user account even more secure. Two-step verification can be enabled or disabled for all users by a user with the role 'Client Administrator'. Read here for more about using two-step verification as a user.
- Enable two-step verification for your ISPnext environment.
- Ensure that the linked email address has the appropriate security measures in place.
Do not share accounts
The simplest way account theft occurs is when login details are shared with third parties. Everyone is supposed to have their own ISPnext account and perform actions in their own name. Furthermore, you do not know whether the person you share an account with handles the login details carefully.
- Never share login details with others
- Be cautious when logging in via unfamiliar devices
- Log out when you no longer use ISPnext (especially on shared computers); simply closing the window does not equate to logging out
Secure your computer
To keep the device you log in with as secure as possible, you can take the following measures.
- Regularly scan with anti-virus software
- Ensure your operating system (Windows, macOS) is updated with the latest updates
- Be cautious with emails and websites you do not trust; do not install unknown software or browser add-ons.