Back to top anchor
Open main menu Close main menu
Open search Close search
Open search Close search
Documentation

Sector Security (Sector 10)

We are updating our documentation library to be ready for Sector 10! Find out more in our Sector 10 roadmap or head straight to our collection of Sector 10 - Changes and Updates.

User role
Drupal Sitebuilder
Collection
Sector 10 Collection
Task
Planning and maintaining your site
Topic
Sector Starter Kit Security
Product
Sector 10

The Sector Security module enables a set of recommended security modules and provides additional security features for Sector sites.

The Sector Security module aims to get you started by providing basic tools around user authentication. Secure hosting solutions and regular maintenance are important factors to cover in your security policy that can't be covered here. Acquia provides a comprehensive Guide to Drupal Security that should be reviewed regularly and adapted as necessary. 

Assessing and adapting your security policy 

In New Zealand the New Zealand Information Security Manual defines guidelines and tools to define your site's security needs based on your threat level, including settings for password policies and automated logout. Need more help? Cert.govt.nz offers helpful advice.  

Sector Security module

Included modules and configuration 

Modules Starter Config Site owner's responsibilities
Password policy
  • Password expiry: after 90 days
  • Password character length: at least 12
  • Minimum password character types: 3
  • Number of allowed repeated passwords: 0

Applies to all roles. 

 Enable and adapt policy for your needs.
Automated logout
  • Timeout 3600
  • Max timeout 3600
  • Timeout padding 300

User-specific logout thresholds and role-based settings are disabled. 

Enable and adapt policy for your needs.

Where to get started

Sector security is shipped with the Sector Starter Kit but not enabled. 

  • Go to /admin/modules
  • Enable Sector Security

Enabling Sector security will enable 6 modules: Sector Security, Automated Logout, Password Policy, Password Character Types Policy, Password Policy History, Password Character Length Policy. Once the module is enabled, you can adjust our configuration to your requirements. 

Configuration 

To configure your own password policy, go to:

<your-domain>/admin/config/security/password-policy

Additional options for your password policy are available and can be enabled. See the Password Policy module documentation for more!

To configure your own automated log-out policy, go to:

<your-domain>/admin/config/people/autologout

Last updated

Sector 10 is coming!

Find out more in our Sector 10 roadmap.
Learn more
Sector 9 Roadmap Illustration

Need Help?

Sector is brought to you by Sparks Interactive - supporting Sector from Wellington and Auckland

Contact us

Open Source award winner!

Sparks Interactive are delighted to accept the Open Source Use in Business award for Sector and the Sector.nz open source platform.

Find out more

Subscribe for Sector updates

More menu anchor

© 2020 — Sector is brought to you by Sparks Interactive. Drupal is a registered trademark of Dries Buytaert.