Account Security
From Spiffy Stores Knowledge Base
Revision as of 10:42, 19 September 2013 by Shawn (talk | contribs) (→Protection from Unauthorised Login Attempts)
The security of your Spiffy Store is of paramount importance, so in order to protect you and your customers we have implemented a number of security measures to ensure that your data is safe.
Contents
Protection from Unauthorised Login Attempts
We protect your Spiffy Stores account by validating each login attempt to ensure it's from your country. Each login is tied to a country of origin.
If a login attempt is blocked because it's outside of your country, you'll be sent an email alert informing you of the attempt. This email will contain a link you can click on to temporarily allow you access from that country for 7 days.
If you want to provide access to someone else, you should set them up with their own Staff Account so they can access their own preferences.
Providing permanent access from another country
You're able to change the default country of a login so that you or another user will be permanently granted access from this country. This could be useful if you are moving overseas or will be away for an extended period, or if you have staff working overseas and want to provide them with access.
If you're logged in as a user...
You can edit your own account settings in the "Your Settings" section of your Spiffy Toolbox, and change your default country so that you will be permanently granted access from this country.
If you're logged in as the store owner...
When logged in as the store owner, you can simply go to the "Accounts -> Staff Logins" section, and edit the user that you want to give access to. You will see a section called "Allow login access from:" and a select box where you can choose the country. If you want to allow access permanently from New Zealand for the user, you set this to new Zealand for that user, and then save your changes.
Protecting your Password
When you choose a password, try to avoid any words that you will find in a dictionary. We would recommend that you also include some digits and special characters to make the password more difficult to guess.
A good trick is to join two small words together and replace a couple of the letters by digits or special characters. In this way you can create a password that you can remember, but is also extremely difficult for a hacker to guess.
Login Credentials Protection
Your login credentials are always protected by an SSL certificate which means that they are always encrypted, and cannot be stolen by a hacker watching your session.
However, in the event that your authorisation credentials do get stolen by some sort of spyware that has been surreptitiously installed on your computer, you will still be protected by the additional security validation checks that we perform to ensure that you are the only person who can use those credentials.
Account Login Protection
All Spiffy Stores administration pages are also protected by an SSL certificate. This means that all of your toolbox data is encrypted, and protected against prying eyes while it is transmitted from our servers to your computer.
Public Access Session Protection
If you use your Spiffy Stores admin account on a public computer, such as in an Internet Cafe or library, then you need to know that your login session is safe from use by other users after you have finished.
In order to ensure this, you should always logoff after you have finished using your Spiffy Store Toolbox, and you should always close the browser when finished.
In the event that you forget to do this, your session will be automatically logged off after 30 minutes of inactivity.
Secure Checkout
Your customers' personal and financial information is secured by encryption on every store's checkout pages. All Spiffy Stores come with a free SSL certificate that is used at checkout time to ensure that your customers feel secure and confident when making a purchase from your Spiffy Store.