Default configurations - General
In the Default configurations, the General section controls access, software, and network restrictions for the SessionGuardian client and user profiles. These settings use system-recommended defaults but allow you to adjust them based on security needs.
This section includes:
Onboarding and Registration – Defines how users register and authenticate.
Security Restrictions – Controls authentication, verification and access requirements.
Watermark – Define the font, color, opacity, and screen placement for watermarks on secure sessions.
These defaults streamline user onboarding and maintain consistency in security settings. You can update them before saving a new user profile.
![]() |
Refer to the following table for configurable settings in the General section and their descriptions.
Onboarding and Registration | |
Mobile Registration | Requires users to scan a QR code and take a selfie to activate their profile. |
Mobile Authentication | Requires users to scan a QR code and authenticate with their face each time they start a secure session. This setting may be hidden if the service is not enabled. |
Image Liveness | Liveness detection automatically ensures a live person is in front of the camera. The Image Liveness slider toggles on automatically when Mobile Authentication is turned on. |
ID Verification | Requires users to scan a government-issued ID (e.g., driver's license, passport) on a mobile device and take a selfie to verify their identity. This setting may be hidden if the service is not enabled. |
Multi-Factor Authentication (MFA) | Requires users to complete an additional authentication step using an authenticator app. Users who activated their profile before MFA was enabled must receive a new invite. |
SG Terms & Conditions Agreement | Requires users to read and accept terms before accessing protected systems and data. |
Security Restrictions | |
IP Restrictions | Control user authentication and secure session access based on the device’s public IP address.
ImportantWhen you enable IP Restrictions for the first time, the system automatically adds the user’s current public IP address to the Allowed IP list. If the user logs in from a different location or their IP address changes, they may be blocked from starting a secure session. To allow access, add the new IP address to the Allowed IP list. |
IP Geolocation Restrictions | Restrict user authentication and secure session access to specific countries. The system allows access only when the user's device connects from an approved geolocation. This setting may be hidden if the service is not enabled. |
VPN Restrictions | Allow user authentication only through approved VPN solutions. The system detects if a VPN is in use before granting access. This setting may be hidden if the service is not enabled. |
Prevent Screen Share and Screenshot | Block users from sharing their screen or taking screenshots during a secure session. This setting applies to SG VDI and SG Web. |
Restricted Applications | Prevent users from starting a secure session while specified applications are running. Enter the executable name without “.exe” in the Add Restricted Application field. |
Required Applications | Ensure specific applications are running before and during a secure session. Enter the executable name without “.exe” in the Add Required Application field. |
Watermark | Display a watermark on all screens during a secure session to enhance security. |
Font Family | The system applies a preset font that you cannot change. |
Font Size | Defines the watermark text size. Larger fonts help blend the watermark with background applications. Default: 50 |
Font Weight | Sets the text style to normal or bold. Default: Normal |
Font Color | Defines the text color using a hex code. Default: #000000 - Black |
Opacity | Adjusts transparency from 0 (invisible) to 1 (fully opaque). Lower opacity reduces obstruction. Default: 0.1 |
Across | Determines how many times the watermark repeats across the screen. Default: 3 |