Admin accounts are the individual accounts that are used to log into the store's administration area.
The Admin Editor is used to create and edit admin accounts for the store administration area.
tip: create an admin account for everyone
For security purposes, it is highly recommended that a separate Admin Account be created for every user that logs into the Administration Area.
This will not only allow the system to track who's doing what, but will also allow those users to receive phone support from Modular Merchant's friendly support team.
A review of the sections of the Admin Editor follows:
Security Information
SID
The SID (System ID) number is an ID number assigned to the Admin account by the shopping cart software. It is used by the system for reference purposes. An Admin's SID number cannot be changed. Every Admin is assigned a unique one.
Login
The login is unique to that Admin account. When logging in to your store's Administration Area, you will be asked for three credentials: your Account Name (your Modular Merchant account's name), Admin Login (this field), and Admin Password (the field below).
Each Admin account in your store must have a unique Login.
Password
This is the password that the Admin will use when logging in to the account's Administration Area.
For PCI Compliance security standards, Admin passwords must meet the following criteria:
-
It must be at least 7 (seven) characters long.
-
It must contain at least one lower-case letter.
-
It must contain at least one upper-case letter.
-
It must contain at least one number.
PCI Compliance also requires that Admin passwords be changed at least once every 160 days because apparently that makes total sense to require people to do.
Active
Only active Admin accounts can log in to the store's Administration Area. Inactive Admin accounts will be returned to the login page with a failure message.
ruin your day in one easy step
If you're editing your own Admin account, and you change its status to "inactive", then access to the Administration area will be revoked as soon as you click the Save Changes button!
Email Address
The email address associated with the Admin account. If the Admin creates a Support Ticket, then this email address will receive a notification when the Support Ticket has been updated by Modular Merchant's amicable support team.
First/Last Name
The Administrator's name. This will help Modular Merchant's convivial support team put a name to the voice when calling in for tech support by phone.
Admin's API Key
This is needed if you use any of the shopping cart software's built-in API's to directly access store data. Fore more information on using the Admin's API Key, see the Introduction to APIs tutorial.
Security Question/Answer
Enter a security question and its answer. This question and answer may be used by Modular Merchant to confirm the admin account holder's identity during tech support requests.
your security question and you
This may go without saying, but be sure to create a security question and answer that is secure.
Remember: The Security Question and Answer is there to protect you from unauthorized access to the sensitive, private financial information contained within your account records.
Examples of actual Security Questions we've encountered:
Good: What is my niece's middle name?
Bad: What is the name of my store?
Even worse: 1 + 1?
The last two examples are questions that could easily be guessed by either unauthorized users trying to gain access to sensitive information, or disgruntled former employees whose own Admin accounts have been deactivated and wish to wreak some havoc... both of which, yes, have been attempted but were able to be stopped by Modular Merchant's propitious support team thanks to the Admin account having unguessable Security Question.
Additionally, be sure to create a security question and answer that you can remember. The Security Question is used to prevent unauthorized access to your account.
For security purposes, if an Admin calls us for tech support, but cannot answer their Security Question, Modular Merchant's cordial support team will be able to answer general questions, but will not be able to discuss any information specific to that particular account.
Contact Information
Most of the Contact Information is provided just for your own records, and isn't used by the system. The exception is:
Country
The Country field is required. The country must match the one that the Admin will be logging in from. It is used in-tandem with the System Setting titled Use Security Check When Admins Log In. The Country assigned to the Admin account is used to prevent unauthorized attempts to access your store's Administration Area by users and other bots originating in other locations.
Admin Profile
Content Area Width
This controls how wide the default "content area" of each page of the Administration Area is for that Admin. Enter an amount in pixels. The default value is 1000 pixels wide.
Font Size
This controls the size of the text in the store's Administration Area for the Admin.
Avatar
An avatar is a small image that represents the user. The image that is selected will appear next to the user's forum handle when they post on the forums or comment on a knowledge base article.
Color
Certain reports for the administrator will display using the selected color. For example, in a bar graph, the Administrator's bar may be displayed in this color.
To select a color, click in the text field to open the Color Picker and choose a color in it. The selected color's corresponding color code will be automatically filled into the field.
Forum Handle
The administrator's forum handle will appear when the user posts on the forums or comments on a knowledge base article.
Signature
A signature is an optional small block of text that is automatically appended to forum posts. Signatures often contact information, quotations, or other identifying information.
Custom Admin Attributes
Custom admin attributes are used to create additional admin values not already included with the Admin Account Editor.
For more information on creating and using custom admin fields, please see Admin Field Editor.
Permissions Levels
Permission Levels are used to designate which areas of the administration area the admin will have access to. There are several dozen different Permission Levels available to Admins. Each Admin can have different Permission Levels assigned to them.
Some of the most popular Permission Levels include:
Edit its own admin account
If deselected, then that Admin will not be able to change any of their Admin account's information, such as their name or email address or permission levels.
Edit its own admin permissions
If deselected, then that Admin will potentially be able to edit their Admin account's general information (such as their name or email address), but they will not be able to alter their own permission levels.
View full credit card numbers
If deselected, then only the last four digits of credit card numbers will be displayed to the Admin throughout the Administration Area.
Remember: As per PCI Compliance standards, credit card numbers are to be displayed to users strictly on a need-to-know basis. So, be sure that only those Admins who need to work with full credit card numbers have this permission level selected.
|