Documentation
Start typing to search…

Security | RS Pathfinder

What is the Security page?

The Security page provides options for configuring security-related settings within your BeyondTrust deployment. It includes features for managing user authentication, session security, and other security controls to ensure that access is protected and policies are enforced.

How is the Security page useful?

The Security page is essential for administrators to implement and manage security measures across the system, such as authentication methods and session policies. It helps protect sensitive data and ensures that user access aligns with organizational security requirements.

How do I access the Security page?

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the left menu, click Remote Support > Management.
    The Management page opens and the Software tab displays by default.
  3. At the top of the page, click Security.
    The Security page displays.

The Security page

<RS_UXPathfinder />

  1. Representative Console: Settings for the Rep Console.
  2. Session Key: Settings for session keys.
  3. Public Portal: Settings for public portal.
  4. Miscellaneous: Additional settings for sessions.
  5. Network Restrictions: Settings to limit access to the Admin interface, certain /api paths, and the Representative Console by IP network address.
  6. Proxy Configuration: Settings to enable a proxy server.
  7. ICAP Configuration: Settings to enable a ICAP server.

How to configure the security settings

Authentication

Default authentication method

The default authentication method is Username & Password. If passwordless authentication is enabled, Passwordless FIDO2 can be selected as the default authentication method. If passwordless authentication is enabled, either authentication method can be selected when logging in.

Enable passwordless FIDO2 authentication

This feature allows users from the local security provider or vendor users to register and log in with FIDO2-certified authenticators rather than a password. FIDO2 authenticator devices must support CTAP2 and be able to perform user verification using biometrics or a PIN.

This feature is enabled by default. Uncheck to disable the feature. If unchecked:

  • The Passwordless Authenticators section of My Account > Security is hidden.
  • The Passwordless FIDO2 option is not available at the login dropdowns.
  • Users are unable to log in using previously registered authenticators.

Unchecking this feature does not remove previously registered authentications. If it is necessary to remove those, they must be deleted before the feature is disabled.

Users with registered passwordless authentication can continue to log in using their username and password. This can be useful if they need to log in using a device that does not support passwordless authentication.

This feature cannot be limited to specific users or user groups.

ℹ️

For more information, and to register authenticators, see What are passwordless authenticators?.

ℹ️

For more information, please see SSL certificate setup.

Updated 2 months ago

©2003-2026 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.