User security

The following user security features are available for N-sight RMM:

Maintain session connections with IP address allowlist

N-sight RMM maintains session connections even if a user’s IP address changes during a session—provided the new IP address is included in the Approved IP Addresses list.

This allows users to stay signed in when switching networks, without compromising security. For example, you can allow IP addresses used when:

  • Working from multiple locations, such as home, office, or public networks
  • Using VPNs or proxy servers that frequently change IP addresses
  • Switching between different internet service providers or mobile data networks
  • Accessing the dashboard from various devices with different IP addresses

Adding these relevant IP addresses to the allowlist helps ensure a consistent and uninterrupted connection. See Add IP addresses to the allowlist.

If a user's IP address changes to one that isn't on the allowlist, the session ends and the user must sign in again.

Lockout mechanism

To help prevent brute force attacks, N-sight RMM has a lockout mechanism.

The lockout is triggered after 50 consecutive login attempts from the same user and IP address. When this happens:

  • The user and IP address are blocked for five minutes.
  • The account is automatically unblocked after five minutes of complete inactivity from that user and IP address.

If lockout occurs, we recommend waiting 10 minutes before trying to sign in again.

HTTPS Redirects

For additional security, when you access N-sight RMM over HTTP you are automatically redirected to HTTPS (unless you are using a custom dashboard.domain.name URL).