User Access Management in ERPNext

Settings option user section allows system manger set restriction over access of their users based on IP address, office hours and password change.

You could always restrict your user based on there job profile. To clean about user management, please clear here. To learn about customizing roles and permission for each masters and transactions, click here.

With this new upgrade, system manager will be able to restrict users access based on:

1. IP address
2. Login time: Before and after
3. Password change

To do these setting for user in your account, please go to:
Modules --> Setup --> Manage users

To see security setting option, click on any of the user and then click on "Security setting" button:

Clicking on setting button will effect into opening of small window with four fields:

1. IP address:
   Defining IP address will restrict access of user to machine with specific ID. To be able to restrict user on this parameter, you will need to purchase static IP from your ISP (internet service provider).
   What is static IP: Static IP addressing is for one customer on one IP address. Generally ISP give dynamic IP address from poll of IP addresses to their customer and change it later. Buying static IP is little costly than dynamic IP.
2. After loginIf your office hours begin at 10 in morning, then define after login time as 10 then. Do not mention as 10 a.m. or 10:30 etc. Time format should be 24 Hours!
3. Before loginLikewise before login hour would be 19 if you close at 7 p.m. in evening. Time format, 24 hours!
4. Password
   Only system administrator will be able to change password of any user. This will be mostly used when one of the user leaves company who access through commonly used id or for any other security reason.