Security and Membership
Secure Platform for Your Online Presence
Your website represents your company. You want to be sure that information on your website are published only by authorized people, that the website won't be hacked and that your reputation won't be harmed by leaks of personal data stored in your databases. Kentico CMS recognizes security as one of the top priorities and provides you with a secure platform for your website.
Kentico CMS supports several authentication methods, including:
Forms authentication based on standard ASP.NET authentication
Windows authentication and integration with Active Directory
Authentication against Facebook, OpenID and Live ID
Custom authentication mechanisms for your existing user databases or legacy systems
Kentico CMS can store millions of user accounts in its database and they can be easily managed through the administration interface. User profiles may contain custom fields defined by administrators.
New user accounts can be created by administrators, imported from external systems or the visitors can register on the website and create their account. Kentico CMS comes with customizable webparts for registration and account management by users (change password, edit user details, etc.).
Customizable User Roles
Every user can be assigned to any number of roles. While there are a few pre-defined roles in Kentico CMS, administrators can easily define their own roles and grant them with permissions.
Every module has a predefined set of permissions (such as read, modify, delete, approve, etc.) and administrator can grant users with these permissions. If you develop a custom module in Kentico CMS, you can even leverage the built-in permission system for managing access to certain features.
Kentico CMS provides highly granular permissions for managing content. Since the content is organized in a content tree, you can set permissions for the whole site, for chosen section or for a single document. The permissions can be inherited to underlying content nodes and you can even break the inheritance and set specific permissions for the chosen section. Permissions can be also denied on underlying pages which overrides the permissions granted to the parent content.
Personalization Based on Permissions
Content and navigation displayed on the live site can be personalized based on user read permissions for the given document. If the user cannot read the page, she won't see it in the navigation.
Double Opt-in Registration
When users register on the website, you may require them to confirm the registration by clicking a link in a confirmation email, so that you can verify that their e-mail address is valid. You can also choose to approve all newly registered users before they can sign in.
Security Best Practices
Here at BP Studios, we pay special attention to creating a secure CMS platform. Every new version goes through detailed security testing and our developers are trained on writing secure code. We also use internal automated tools for identifying possible security threats in our code.
Administrators can send mass emails to all users or chosen users.
Site members can choose their time zone and Kentico CMS modules then display the time in their time zone. For example if your server is located in the USA, but the user chooses London time zone, she will see all times in forums and other modules, as well as in the administration interface converted to her time zone.