Skip to main content

Checkup Documentation

Inactive users with admin access

cms-user-inactive-admin-access

severity-medium

Summary

Important Security Note: If your site has custom authorization configured this check may not be applicable.

Having users that can access to the admin interface should be audited from time to time. This check will let you know of any users that have editor or admin access to your site but have not logged in for a while. This might be a sign that the user does not need access to your site anymore. If there are users that should not have access anymore, it might be a good idea to disabled them.


Check Logic

Constant Care for Kentico will ensure the number of old users that still have admin access is no more than 0 (default)

You can manage your settings for this checkup in the Constant Care for Kentico admin settings.


Checkup Options

Days Since Last Login

Constant Care will look back through 180 day of logins (default)

You can manage your settings for this checkup in the Constant Care for Kentico admin settings.


Verifying The Check

To manage individual users you can navigate to the Users Application.

From there you can edit and then disable users.

Changes to your site should only be made by an experienced Kentico Xperience developer. If you need assistance in making these changes please reach out to the Toolkit For Kentico team to be connected with a Kentico Xperience partner.