Skip to main content

System Security

Provides various configuration methods to enhance the security of the BioStar X system.

  1. Click Settings on the Launcher page.

  2. In the left sidebar, click the Security.

  3. Edit the necessary fields.

Login password

Set the complexity level and change cycle for login passwords.

  • Password Level: Set the policy for the password complexity for BioStar X login.

    • Low: You can enter up to 32 characters.

    • Medium: You must combine 8 to 32 alphabetic characters (uppercase or lowercase), and numbers.

    • Strong: You must combine 10 to 32 alphabetic characters (uppercase and lowercase, at least one alphabetic capital), numbers, and symbols.

  • Maximum Password Age: You can set the period for which you want to use the password. If the Maximum Password Age is exceeded, a password change request message is displayed at login.

    Info

    You can set the Maximum Password Age from 1 day to 180 days.

  • Maximum Invalid Attempts: You can set the Maximum Invalid Attempts and the time limit. If you enter the wrong password more than the set number of times, you will not be able to log in for the time limit.

    Info

    The default value for Maximum Invalid Attempts is Active (max 100 time(s) / 10 minutes of login limit).

  • Maximum Password Change Limit: You can set the Maximum Password Change Limit.

    Info

    You can set the Maximum Password Change Limit up to 10 times.

Advanced security settings

Encrypt communication between BioStar X and devices, and enhance session security.

  • Encrypt Personal Data on Database: When Use is set for Encrypt Personal Data on Database, all sensitive data including credential data and personal information will be stored in the database as encrypted. If this option is set as Not Use, the encrypted data will be decrypted and the user's personal information will be stored in an unencrypted state.

    Info
    Items to be encrypted when using Encrypt Personal Data on Database are as follows.

    • Profile image

    • User ID

    • Name

    • Phone number

    • User IP

    • Email information for sender ans recipients

    • Login ID

    • Login password

    • Face template

    • Fingerprint template

    • Card ID

    • Smart card layout key

    • Custom information for user and visitor

    • Image log files

    • Do not force start the server while Encrypt Personal Data on Database. Errors such as failure to log in to BioStar X may occur.

  • Personal Data Encryption Key: You can set the Personal Data Encryption Key. Click Change and set a new encryption key. If changing the encryption key, the existing data will be re-encrypted.

    Info

    You can enter the encryption key with 32 characters using letters, numbers, and symbols.

  • Secure communication with device: The communication between BioStar X and a device can be protected using a certificate.
    When Use is set for Secure communication with device, BioStar X creates and sends a certificate to the device. The device can use a secure channel for exchanging data with BioStar X using this certificate. In order to use an external certificate, Root certificate, Public key certificate, and Private key files must be uploaded.
    If Device Hashkey Management set to Use, you can set a new data encryption key and administrator password.

    Info
    The devices and firmware versions where Secure communication with device can be set are as follows.

    • FaceStation 2 FW 1.1.0 or later

    • BioStation A2 FW 1.5.0 or later

    • BioStation 2 FW 1.6.0 or later

    • BioStation L2 FW 1.3.0 or later

    • BioLite N2 firmware 1.0.0 or higher

    • BioEntry P2 FW 1.1.0 or later

    • BioEntry W2 FW 1.2.0 or later

    • FaceLite firmware 1.0.0 or higher

    • XPass 2 firmware 1.0.0 or higher

    • CoreStation FW 1.1.0 or later

    • X-Station 2 firmware 1.0.0 or higher

    • BioStation 3 firmware 1.0.0 or higher

    • BioStar X creates or deletes a certificate according to the setting status of Secure communication with device, and the same certificate as the previous certificate will not be created. For example, if the setting of Secure communication with device is changed in the order of UseNot Use, the created certificate will be deleted automatically. When the setting is changed in the order of UseNot UseUse, the operation of Create A certificateDelete A certificateCreate B certificate is carried out.

    • If the device is disconnected from the network physically while using the secure communication of BioStar X, do not turn off the secure communication option. In such a case, the certificate of BioStar X will be deleted, and the device will not be able to connect again. To connect it again, the certificate saved in the device must be deleted or the device must be reset to factory default. For more information, refer to the manual of the device.

Info

The Advanced Security Settings tab is only active when you log in as the initial administrator.

Session security

Enhance session security.

  • Simultaneous Connection Allow: You can set whether to allow simultaneous connections using the same account. Allow to Inactive, a previously logged in user will be logged out when attempting to connect to the same account simultaneously.
  1. Click Apply to save the settings.