User Accounts

A user account serves as your identity when accessing Nanitor. It consists of your email, password, and any relevant user information.

You can access your user account and profile settings by navigating to Admin > Account Settings. The Admin icon is located in the upper right corner, as illustrated here:

Admin icon in the upper right corner

The User Account Settings can be found on the left side of the Admin page, as depicted below:

User Account Settings

User Profile

The user profile data consists of your e-mail address and full name. The e-mail address cannot be changed. The name is editable for local user accounts, whereas for externally authenticated users it is inherited and is not editable in Nanitor.

To view and edit your user profile, go to

Admin > Account Settings > Profile

User Profile data

Password

To change your password, go to

Admin > Account Settings > Password

Change password dialog in user account settings

Note that for users who sign in with SAML authentication, password authentication is not relevant.

Password policy

To ensure the security of your Nanitor account, please note the following password policy:

  • Passwords must have at least 10 characters
  • Passwords must include at least one symbol
  • Passwords must include at least one digit
  • Passwords must include at least one uppercase letter and one lowercase letter
  • Passwords cannot be part of the user's email address

When changing the password, the new password must be confirmed by typing it again in the "Confirm new password" field.

Organization selection

Organizations are a core element of the Nanitor vulnerability management solution. In Nanitor, an organization represents a customer account that has subscribed to the Nanitor service. The customer's administrators manage the organization, define roles and permissions for users, and add assets to monitor. Nanitor's multi-tenant architecture allows users to belong to multiple organizations within the same instance, providing flexibility and convenience.

Each user account can belong to one or more organizations. The organization selection allows users to switch organizations if they belong to multiple organizations.

To view the organizations you have access to, you can go to

Admin > Account Settings > Organization

Organization selection in User Account Settings

Two-factor authentication

Two-factor authentication (2FA) enhances account security by requiring users to enter a time-sensitive code from an authenticator app, in addition to their password, during the sign-in process.

As Nanitor safeguards crucial information about your organization's assets and security, we highly recommend enabling two-factor authentication to bolster your account's protection.

Two-factor authentication can be enabled by going to

Admin > Account Settings > Two-Factor Authentication

This brings up the "Two-factor authentication" dialog as shown below. By default, it is not enabled.

Two-factor authentication dialog in Account settings

To turn on 2FA for your account you simply check the box "Enable two-factor authentication". This generates a QR code that you need to scan in your authenticator application.

Nanitor employs the widely accepted Time-based One-Time Password (TOTP) algorithm for its two-factor codes. This standard, defined by RFC 6238, ensures broad compatibility and interoperability with numerous services and applications. TOTP is compatible with most authenticator apps, including Google Authenticator, Microsoft Authenticator, 1Password, etc.

Once you have added the QR code, you simply enter the TOTP code provided in the authenticator and click Save. This completes the setup and the next time you log into Nanitor, it will require a TOTP code from your authenticator.

2FA setup in User Account settings

Logout

To log out of Nanitor, click the username or the gear icon, then press the logout icon at the top right of the administration menu.

Logout button