Security Settings

General Security Features

Disable Password Forgot
Block Bad Visitors

ReCaptcha Configuration

General Security Features

Enhance the security of your Concord CRM installation with these settings.

Disable Password Forgot

Enabling this option disables the password forgot feature, reducing the risk of spam bots and hackers attempting to access user accounts.

Block Bad Visitors

Activating this feature checks guest visitors against a list of known bad user agents, IP addresses, and referrers.
Note: This is only applicable to non-logged-in users.

ReCaptcha Configuration

Implement Google reCaptcha v2 for enhanced security.

Important: Ensure you configure ReCaptcha v2, not v3.

Setting Up ReCaptcha

Generate Keys:
- Visit Google reCaptcha Admin.
- Register your site with a label (e.g., Concord CRM -> reCaptcha) and add your domain.
- Obtain the Secret Key and Site Key.

Verify the accuracy of the keys and their correct placement in Concord CRM settings.

Configuring in Concord CRM:
- Go to Settings -> Security -> reCaptcha.
- Enter the Site Key and Secret Key in the respective fields.

Testing ReCaptcha

Test the setup by accessing your CRM URL in Incognito Mode and attempting to log in.
This confirms if ReCaptcha is functioning correctly.

To prevent lockout, add your IP address to the ignored list before saving, especially if unsure about the configuration steps.