Login screen

A user needs login credentials (username and password) to log into the Web Console. It is also possible to log in as a domain user by selecting the check box next to Log Into Domain (a domain user is not related to any mapped domain group). The login format depends on your domain type

Windows Active Directory: DOMAIN\username

Linux and ESET PROTECT Virtual Appliance LDAP: username@FULL.DOMAIN.NAME



If you experience problems logging in or receive error messages while trying to log in, see Web Console Troubleshooting for suggestions to resolve your issue.

You can select your language by clicking the drop-down arrow next to currently selected language, for details see our Knowledgebase article.



Keep in mind that not all elements of the Web Console will change after the language change. Some of the elements are created during the ESET PROTECT installation and cannot be changed.

Allow Session in Multiple Tabs - Web Console can be open in multiple tabs of a single browser.

If the check box is selected, each tab with an open Web Console session in one browser will be connected to the same session. If a new tab is opened, all other tabs connected with the same setting will connect to this new session. If the session is logged out in one of tabs, all other tabs will be logged out too.

If the check box is not selected, each new tab opens a new independent ESET PROTECT Web Console session.

Change password / Use different account - allows you to change password or switch back to the login screen.


Session management and security measures:

Login IP address lockout

After 10 unsuccessful login attempts from the same IP address, further login attempts from this IP address are blocked for approximately 10 minutes. The IP address ban on login attempts does not affect existing sessions. This is indicated by the error message: Login failed: Login from your address was temporarily blocked.

Wrong session ID address lockout

After using an invalid session ID 15 times from the same IP address, all further connections from this IP address are blocked for approximately 15 minutes. Expired session IDs are not counted. If there is an expired session ID in the browser, it is not considered an attack. The 15 minute IP address ban is for all actions (including valid requests). The ban can be released by restarting Web Console (tomcat service).