Start

1 The Login Process
- 1.1 Forgot your Password
- 1.2 Security Question
- 1.3 Security Criteria
2 Browser Support
- 2.1 Table Overview
3 Protection against viruses, malware and cross-site attacks
4 Working with a web application
- 4.1 Saving at the end of every work process
- 4.2 Navigating in the admin area with the keyboard
5 Technical Requirements

The application’s administration area is protected by a personal login. You will usually find this at the following URL: http://wwww.your-domain.com/www/. You can only log in with a valid account name and the corresponding password. The admin area login is protected by the area_www ACL right. You need write rights in order to log in. New EFS installations are delivered with a dedicated subdomain which includes an SSL certificate and you will log in via https instead of http. If you have your own EFS installation, it is possible to insert your logo into the login screens. If you wish to use this option, please get in touch with our support.

This application can be operated from anywhere with any commercially available browser. EFS strictly follows the platform concept, i.e. all functionalities required to successfully conduct electronic, Internet-based survey research are available in one place. You will find the tools for both sending mails and creating surveys as well as for processing results in a single place. This facilitates smooth performance of personalized surveys and, in anonymous surveys, allows you to draw on-the-fly samples for future surveys and initiate feedback loops with respondents.

Forgot your Password

If you have forgotten your password or account name you can access automated help functions. On inputting a false password or account name you will be asked on the login screen to click a special link. Then follow the on-screen instructions.

Staff accounts in EFS installations always have an expiration date after which they will be automatically deactivated. This date is usually the same as the expiration date of the renting contract. If your account has expired, please get in touch with our support.
Please note: EFS has brute force protection, i.e. only a limited number of false password entries is possible. Thereafter the user account is deactivated for a specified period (by default suspension occurs after the sixth false entry and the waiting time is 30 minutes). Therefore please use the help offered on the login screen if you have forgotten your password.

The link to set a new password is valid for 24 hours. The link loses its validity if the user clicks on "Forgot your password" again. Only the last requested link is valid.

Security Question

The function for sending a forgotten password is protected by a security question.

This security question is defined at the first login: You can select the desired question from a list of suggestions or enter it yourself, and must enter the answer yourself.
You can subsequently edit the security question in the System → Users → Own account menu → User data.

Security Criteria

The following security criteria apply for account names and passwords:

The password must be changed after the first login and then expires every 100 days. If the user logs in after the expiry date the screen requests that the password be changed.
Alternating upper and lower case is permissible for account names.
Alternating upper and lower case is not permissible for passwords.
The password must have a minimum of 6 characters.
The password must contain characters from at least two of the following four groups: a-z, A-Z, 0-9, other keyboard ASCII characters.
The password may not contain any spaces.
When changing password after the first login or on expiry of one month the same password may not be used again.

Whether a password meets default security criteria is checked during entry and dynamically displayed. The admin area can optionally be operated in High Security Mode. In addition to EFS standard security features, supplementary protective measures that meet advanced requirements for web application security are activated in this operation mode. These include, in particular, stricter security criteria for user passwords. A special documentation providing detailed information on the High Security Mode is available for download from our customer center.

Simultaneous use of an EFS Admin account is not possible. Simultaneous use of an EFS Admin account will invalidate the previous login.

Browser Support

The current versions of Chrome, Firefox, Internet Explorer, Edge, and Safari (only on macOS) are supported in the current EFSversions. If your installation is still using an older EFS version, the browser version will no longer be supported . This means that older EFS versions do not provide browser bug fixes, if current versions are already available.

The support of Chrome, Firefox, and Edge is limited to the latest version. Older versions are not supported. The Safari version of the current and the previous macOS release is supported. Currently the Safari version 11+ is supported.

We support the basic Survey/OSPE functionality on mobile devices:

Safari on iOS (iPhone & iPad) of the current and previous OS releases. As of 2018: iOS 11+.
Default browser on Android 5.0+
In the admin area, mobile devices are not supported

Table Overview

	Edge (latest version)	Firefox (latest version)	Chrome (latest version)	Safari 12+ (latest version)	Mobile (iOS 11+, Android 5+ and only with responsive layouts or EFS Portal

	Edge (latest version)	Firefox (latest version)	Chrome (latest version)	Safari 12+ (latest version)	Mobile (iOS 11+, Android 5+ and only with responsive layouts or EFS Portal
EFS Admin Area (www)
EFS Leadership / Employee ("Feedback-Center")
EFS Portal (Portal)
EFS Survey / Panel (Ospe, Panel Website Standard Layout)
Panel Website Responsive
Reporting+

Protection against viruses, malware and cross-site attacks

With EFS you can rely on ad-hoc anti-virus and malware scanning for all uploads within the EFS administration area. During an upload, files are immediately scanned for malware, before being moved to their final destination within the EFS platform. If malware is found, files are immediately removed from the temporary storage and the user is notified that the upload was not successful. This approach ensures that at no point malware can be distributed through EFS.

Tivian also uses CSRF tokens for protecting the EFS administration area from cross-site attacks – without compromising on usability. While being reliably protected from cross-site request forgery attacks, administration users can continue working in concurrent browser tab sessions.

Working with a web application

To navigate in the admin area of EFS, there are menus, buttons, links and breadcrumb navigation at your disposal. Using browser buttons (forward, backward, refresh) when working with a web application is not recommended: information on work processes already carried out could be unintentionally lost or work steps be executed twice, due to the fact that browser functions are carried out without a callback to the server.

Saving at the end of every work process

Usually, your entries will be sent to the web server and saved, only after you have expressly confirmed with the Save button. If you make a selection or an entry in a menu, but then leave the menu without pressing Save, your data will not be saved. But with a growing amount of recently-implemented features, as e.g. the Drag & Drop questionnaire editor, changes do not need to be expressly saved anymore.

Navigating in the admin area with the keyboard

You can use different keyboard combinations in the admin area of EFS. Here are the most important rules in brief:

Forms are sent with <ALT>+<s> or in recent Firefox versions with <Alt>+<Shift>+<s>.
With the tab button <Tab> you can jump from function field to function field including menu items and buttons. With a function that is defined by selecting a radio button or an option in a drop-down list, the cursor will jump to the first radio button, the next <Tab> click will switch you to the next function. With functions in multiple response lists, <Tab> will direct you from one checkbox to the next.
With <Shift>+<Tab> you can navigate backwards
With the up/down arrow buttons you can switch in functions with a simple response list from one radio button or element of a drop-down list to the next.
In select boxes you can navigate by typing the first letter of the desired term and
then, if required, with the help of the arrow buttons jump forward or backward.
You can open the online help and logout with the help of access keys. In Firefox, online help is opened with <Alt>+<Shift>+<h> and logout is initiated with <Alt>+<Shift>+<l>. In Internet Explorer <Alt>+<h>+<Return> is used to access online help and <Alt>+<l>+<Return> for logout.

Technical Requirements

To allow usage of the admin area, the following prerequisites should be met:

Minimum resolution 1280x800 from EFS 10.2
JavaScript enabled
The cookie set by the admin area must be accepted
Furthermore, intermediary proxy servers should not manipulate any requests
If you access the admin area via proxy server, e.g. from inside a company network, the access should not be restricted by time limitations

The Login Process