The ERA Web Console login screen
A user needs login credentials (username and password) to log into the Web Console. It is also possible to log in as a domain user by selecting the check box next to Log into domain (a domain user is not related to any mapped domain group). You can select your language from a list in the top right corner of the login screen. Select Allow session in multiple tabs to allow users to open ERA Web Console in multiple tabs in your web browser.
NOTE: You receive the warning message Using unencrypted connection! Please configure the webserver to use HTTPS when accessing the ESET Remote Administrator Web Console (ERA Web Console) via HTTP. For security reasons, we recommend you to set up ERA Web Console to use HTTPS.
Change Password / Try different Account - allows you to change password or switch back to login screen. A user without a permission set is allowed to log into the Web Console, but he will not see any relevant information.
To give a user read/write/modify permissions in Web Console modules, a proper Permission Set must be created and assigned to the user.
Session management and security measures:
After 10 unsuccessful login attempts from the same IP address, further login attempts from this IP address are temporarily blocked for approximately 10 minutes. The IP address ban on login attempts does not affect existing sessions.
After using an invalid session ID 15 times from the same IP address, all further connections from this IP address are blocked for approximately 15 minutes. Expired session IDs are not counted in. If there is an expired session ID in the browser, it is not considered an attack. The 15-minute IP address ban is for all actions (including valid requests).