Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

How to Edit Your Account Settings

Avatar
Maddy Townsend-Hahn
Updated

Editing Your Account Settings

In your Account Settings, you can view your account subscription information, enable or disable specific features, and customize areas of your KnowBe4 console. To access your Account Settings, log in to your KnowBe4 console and click your email address in the top-right corner of the page. Then, click Account Settings.

To navigate to the different sections of your Account Settings, click the section names on the left side of the page. To expand a section, click the arrow icon next to the section name or click Expand All to expand all sections. You can also use the search bar on the top-right corner of the page to search your Account Settings for keywords.

After you update any settings, be sure to click the blue Save Changes button at the bottom of the page.

Use the links below to learn more about the options in your Account Settings.


Jump to:

Account Information

Subscription Details
Account Privacy

Organization Information
Branding

User Management

User Provisioning
User Settings

Phishing

Phishing Settings
Direct Message Injection (DMI)
AIDA

Training

Training Settings
Learner Experience

Account Integrations

SAML
Phish Alert
API
PhishER
Second Chance
Email Exposure Check (EEC)

 

Account Information

In the Account Information section, you can review your subscription details, update your privacy settings, update your organization’s information, and more.

To learn more about these settings, see the sections below.

Back to top

 

Subscription Details

In the Subscription Details section, you can view information about your account subscription. This information includes:

  • Your account subscription level.
  • Your subscription end date.
  • The number of seats available on your account.
  • The number of active users on your account.

If you’d like to change your subscription details, contact your Account Manager or Customer Success Manager.

Back to top

 

Account Privacy

In the Account Privacy section, you can see if KnowBe4 agents have access to your account and change your privacy settings to your liking.

You can click the Allow KnowBe4 agents to access this account drop-down menu to change your account privacy settings. We recommend that you select Allow continual access to allow KnowBe4 agents to access your account. Granting access to KnowBe4 agents allows us to access your account and assist you if you experience technical issues in your account. If you select Do not allow access, our support team will not be able to access your account. If you do not allow access, you may experience some delays if our support team needs to view your account to help solve a technical issue.

For more information about the account privacy settings, see our Contact Support and Grant Access to Your Account article.

Back to top

 

Organization Information

In the Organizational Information section, you can update your organization’s name, business hours, time zone, and other information about your organization.

Some information that you provide in this section will define the information that placeholders use in your console. You can use placeholders to automatically populate phishing templates, landing pages, and training notifications with information about your organization. For more information about placeholders, see our How To Use Placeholders article.

See below for information about specific settings in this section:

  1. Allowed Domains: If your email environment includes multiple email domains, you can click Allowed Domains to add more subdomains or root domains to your KnowBe4 account. For more information, see our How to Add and Verify Allowed Domains article.
  2. Business Hours: Click the clock icon to add your organization’s default business hours.
  3. Business Days: Click the corresponding button for each of your organization’s default business days.
  4. Time Zone: Click the drop-down menu and select your organization’s default time zone. For more information about managing time zones in your console, see our Time Zones article.
  5. Default Admin Console Language: Click the drop-down menu and select a default language for your admin console. The language you select will apply to the entire admin console unless an admin selects a different Admin Console Language. If a user’s language is not available, the account’s default language will be used. For more information, see our Localization Guide
  6. Date and Time Format: Click the drop-down menu and select the default date and time format that you’d like to use in the console. For more information, see our Modifying the Default Date and Time Format article.

Back to top

 

Branding

In the Branding section, you can customize your organization’s branded content. We recommend that you use branded content to provide a familiar learning environment for your users.

See below for more information about the settings in this section:

  1. Company Logo URL: Enter the URL for your company logo to use the logo in templates. If you add your logo to the console, you can use the logo in phishing templates, landing pages, and training notifications. For information about logo requirements, see our How Do I Add My Company Logo, Logo URL, and Color to the Console? article.
  2. Company Logo: Upload a company logo to personalize your users’ Learner Experience. Your logo will replace the KnowBe4 logo at the top-left corner of the console when users log in to the Learner Experience. For information about logo requirements, see our How Do I Add My Company Logo, Logo URL, and Color to the Console? article.
  3. Brand Color: Select an optional theme color for your Learner Experience. We recommend that you match the color to your organization's brand or logo color.
  4. Upload Branded Certificate: Upload a custom branded certificate. This setting allows you to design and upload a custom template for your certificates. If you upload a branded certificate, you can click Preview Current Certificate to view the certificate. For more information, see our How Do I Customize My Users’ Training Certificates? article.
  5. +Placeholders: Click this button to add a custom banner or signature block to your phishing emails. You can use these elements to customize phishing emails to match your organization’s brand. This can also help when your banners or signatures no longer appear on phishing emails due to whitelisting rules. For more information, see our DMI Configuration Guide.

Back to top

 

User Management

In the User Management section, you can update your user provisioning settings and your general user settings.

To learn more about these settings, see the sections below.

Back to top

 

User Provisioning

In the User Provisioning section, you can edit your user provisioning settings. You have the ability to use Active Directory Integration (ADI) to provision your users. 

See below for more information about the settings in this section:

  1. Enable Active Directory Integration (ADI): Select this check box if you'd like to use Active Directory (AD) to manage your users. After you select this check box and save your Account Settings, you will have access to a new Provisioning subtab. To access this subtab in your console, navigate to Users > Provisioning.
  2. Test Mode: This check box is selected by default. We recommend that you keep this check box selected until you’re satisfied with the results of your sync. If you use test mode, you have the ability to view details about your sync and what actions would have occurred if test mode was disabled. To see these details, navigate to Users > Provisioning.
  3. Show Group Domain: If your users are split between multiple domain sources, you can select this check box to add the root domain to each of the AD-synced group names in the KnowBe4 console. Adding the root domain will allow you to better organize your users.
  4. AD Sync Token: This is your unique account token that you'll need during the Active Directory Integration (ADI) installation process. If you’d like, you can click the Regenerate ADI token button to generate a new token.

    Warning: Please be aware that if you regenerate your ADI Sync token, you will not be able to sync your Active Directory until you update your Active Directory Sync Tool with the new sync token. We recommend that you only regenerate your ADI token to stop existing syncs from a tool that you don't know the location of. For more information about ADI, see our Active Directory Integration (ADI) Configuration Guide.

  5. Download Active Directory Sync Tool: Click this button to download and install the ADI sync tool.
  6. View Installation Guide: Click this button to see our Active Directory Integration (ADI) Configuration Guide. Be sure to read this guide before you install the tool.

Back to top

 

User Settings

In the User Settings section, you can edit your user and admin permissions.

See below for more information about the settings in this section:

    1. Allow Users to Create Accounts: Select this check box to allow your users to create their own accounts. We recommend that you only enable this setting in special cases.
      • Why should I enable the Allow Users to Create Accounts setting?
        • Enable this setting to allow users to sign themselves up for their own KnowBe4 account by entering their work email address on the KnowBe4 training login page. See our KnowBe4's Training Instances article for a full list of login links. Users who sign up using this method will be added to your user list immediately.
      • How can I quickly invite users to set up their own accounts?
        • Enroll Groups: Select All Users
        • Enable automatic enrollment for new users: Select this check box.
        • If you allow users to sign up for their own accounts, you can also set up a "self-service" training campaign, where users who sign up can be automatically enrolled in training. To do this, you'll set up a campaign with the below settings.
        • Once this campaign is created and the Allow Users to Create Accounts check box is selected, you can direct your users to KnowBe4 to self-enroll.
      • Why is this setting disabled by default?
        • The consequence of allowing users to sign up on their own is that they may misspell their email address or sign up with an email alias (such as jsmith@domain.com instead of johnsmith@domain.com). If users misspell their email address or sign up with an email alias, there may be duplicate user accounts in your user list.
        • Duplicate accounts could also cause users to receive additional phishing tests and training notifications for each email account they've signed up with. If this issue occurs, we recommend that you merge the duplicate user accounts and retain only one account for each user.
    2. Use Password-less Login: Select this check box to allow users to log in for training without entering a password. If you enable this setting, be sure to use training notifications tagged with "password-less" or create your own training notifications using our Password-less Link placeholders. For more information, see our How to Enable and Use Password-less Logins article.
    3. Disable Password-less Login for Admins: Select this check box to disable password-less logins for admins.
    4. Expire Password-less Link After: If you have enabled password-less logins, this setting defines how long the password-less link will remain active for your users.
    5. Only allow console sessions from one IP at a time: Select this check box to allow admins to log in to separate instances of the console at the same time, as long as they log in from the same IP address. For more information, see our Session Settings Guide.
    6. Restrict Console Sessions to Specific IP Ranges: Select this check box to restrict admin and security role user sessions to the IP ranges entered under this setting.
    7. Admin Session Timeout: Select the length of time that you would like admin account sessions to remain active. After the specified time period of account inactivity has passed, admins will be logged out of their accounts. You can set the system to time out after 15 minutes or as long as 8 hours. For more information, see our Session Settings Guide.
    8. User Session Timeout: Select the length of time that you would like KnowBe4 Learner Experience sessions to remain active. After the specified time period of account inactivity has passed, your users will be logged out of their accounts. You can set the system to time out after 15 minutes or as long as 8 hours. For more information, see our Session Settings Guide.
    9. Minimum Password Length: Select the minimum length required for user passwords. You can choose between eight and 32 characters.

Back to top

 

Phishing

In the Phishing section, you can update your phishing campaign settings and enable Direct Message Injection (DMI) and Artificial Intelligence Driven Agent (AIDA).

To learn more about these settings, see the sections below.

Back to top

 

Phishing Settings

In the Phishing Settings section, you can customize your phishing settings.

See below for more information about the settings in this section:

  1. Default Landing Page: If you would like to set a default landing page to be used across all phishing campaigns, you can select a landing page from the drop-down menu. When you create a phishing campaign or edit an email template, you will have the option to override this setting and select a different landing page if you’d like.
  2. Default Landing Domain: If you would like to set a default landing page domain to be used across all email templates, you can select a landing page domain from the drop-down menu. When you edit an email template, you will have the option to override this setting and select a different landing page domain if you’d like.
  3. Disable Email Open Tracking: You can select this check box to remove the small tracking image that we place in each phishing email. This image tracks if and when your users open the email in their inbox. For more information, see our How Do You Track Email Opens in the Phishing Security Test? article.
  4. Include Archived Users In Reports: Select this check box to include data from archived users in all phishing reports. If this setting is disabled, data from archived users will not be included in phishing reports.
  5. Overwrite [[domain]] Placeholder: You can select this check box to change what the [[domain]] placeholder displays in phishing templates and landing pages. After you select the check box, enter a domain in the text field.

    You may want to enable this setting if your organization does not want you to spoof your users' domains or if you use spoofing prevention to prevent emails spoofing your domain from being delivered successfully.

    If you do not enable this setting, the [[domain]] placeholder will use the recipient's email domain. For information on how the [[domain]] placeholder works by default, see our How the [[domain]] Placeholder Works article.

    Note: If you use a look-alike domain, or a domain that is similar to your organization’s real domain, we recommend that you purchase the look-alike domain. If someone else purchases the look-alike domain and your users reply to an email sent by the domain, your users may reply to the owner of the domain. Please be aware that using a real domain with anti-spoofing protection could affect email deliverability.
  6. Disable Template Attack Vectors: Select this check box to disable phishing email templates that use specific attachment attack vectors. For example, if you don't want your users to receive simulated phishing attacks that include PDF attachments, you can select PDF Attachments from the drop-down menu. For more information, see our What Attachments Can I Add to My Phishing Campaign and How Are They Tracked? article.
  7. Default Phishing Language: From the drop-down menu, select the language that you’d like to use in phishing campaign emails. This language will be used in all users’ phishing emails unless a different Phishing Language has been set for a user. If a user’s language is not available, the account’s default language will be used. For more information, see our Localization Guide.
  8. Overwrite Sender Address with Reply-to Address For OOO Replies: We recommend that you select this check box if you use reply-to phishing, track out of office (OOO) replies, or use Microsoft Exchange or Microsoft 365. For more information, see the Should I track out of office replies? section of our Reply-to Phishing article.
  9. Overwrite Return-path Address with Reply-to Address:Select this check box to change the return-path address to the reply-to address in a reply-to phishing campaign. We recommend that you enable this setting if your mail server settings require the return-path address to match the reply-to address. For more information, see our Reply-to Phishing article.
  10. Overwrite Fixed Return-path Address with Sender Address:We recommend that you select this check box if you use Google Workspace (formerly G Suite) as your mail server. If you do not enable this setting, Google Workspace users may see "via KnowBe4" text beside the sender email address when they receive phishing test emails in their inbox. For more information, see our Why does my phishing test email show “Via psm.knowbe4”? article.
  11. Disable X-PHISHTEST Header: If you select this check box, the generated token will be included in an X-KB4TOKEN header in phishing emails. If you enable this setting and would like to generate a new token, you can click the Regenerate Token button.
  12. Enable PST Header Token: If selected, the generated token will be included in an X-KB4TOKEN header in phishing emails. You may generate a new token if you would like by clicking the Regenerate token button. 
  13. Add Custom Header: Select this check box to add a custom header name and header value to phishing emails. If you select the check box, you must enter text in the Header Name and Header Value fields. If you whitelist our phishing emails by email header, you can enable this setting and then whitelist your custom header text for additional security.
  14. Enable DKIM Signature: Select this check box to add a DKIM signature to your phishing emails for additional security. You can choose to use KnowBe4's signing domain or customize your own signature. If your organization requires DMARC/DKIM checking for incoming messages, we recommend that you select this check box. For more information, see our How to Enable and Customize DKIM Signatures article.
    •  

Back to top

 

Direct Message Injection (DMI)

In this section, you can enable Direct Message Injection (DMI). DMI eliminates the need to whitelist simulated phishing emails by creating a secure link between your KnowBe4 console and your Microsoft 365 account.

For more information about enabling DMI, see our DMI Configuration Guide.

Back to top

 

AIDA

In this section, you can enable Artificial Intelligence Driven Agent (AIDA). AIDA allows you to simulate a multi-vector social engineering attack. To participate in the beta testing of this feature, select the Enable AIDA Beta check box. If you select this check box, a new AIDA tab will appear in your KnowBe4 console.

For more information, see our AIDA - Artificial Intelligence Driven Agent article.

Back to top

 

Training

In the Training section, you can update your training and Learner Experience (LX) settings. To learn more about these settings, see the sections below.

Back to top

 

Training Settings

In the Training Settings section, you can edit your training settings.

See below for more information about the settings in this section:

  1. Enable Content Surveys for All New Training Campaigns: You can select this check box to enable the Enable Content Survey option for all new training campaigns. If you enable this setting, you will still have the option to disable content surveys when you create new training campaigns. For more information about surveys, see our How to Use Surveys article.
  2. Overwrite Fixed Return-path Address with Sender Address: We recommend that you select this check box if you use SPF alignment checks and want to spoof your domain. Please be sure to whitelist KnowBe4's servers before you select this check box.
  3. Add Custom Header: Select this check box to add a custom header name and header value to training notifications. If you select this check box, you must enter text in the Header Name and Header Value fields. If you whitelist your training notifications by email header, you can enable this setting and then whitelist your custom header text for increased security.
  4. Enable Custom DKIM Signature: Select this check box to enable a custom DKIM signature for training notifications. For more information about this setting, see our How to Enable and Customize DKIM Signatures article.

Back to top

 

Learner Experience (LX)

In this section, you can customize your users’ Learner Experience (LX).

See below for more information about the settings in this section. If you prefer video tutorials, you can also watch our Learner Experience (LX) Account Settings video for more information.

  1. Default Training Language: Select your preferred language from the drop-down menu. This language will apply to the Learner Experience and content available in that language unless a user selects a different Training Language. If a user’s language is not available, the account’s default language will be used.
  2. Enable Localized Training Notifications: Select this check box to send training notifications in each user's language. If a user’s language is not available, the account’s default language will be used. For more information, see our Localization Guide.
  3. Reduce Visual Effects in Learner Experience: Select this check box to reduce visual effects in the Learner Experience. We recommend that you enable this setting if you have slow workstations in your environment or if you use Citrix or Flash-based browsers.
  4. Enable Customized Need Help Button: Select this check box to customize the information that users will see if they click the Need Help? button. If you select the check box, a text field will open. In this text field, you can enter a URL or contact email address of your choice. For more information, see our Learner Experience Guide.
  5. Enable Learner Dashboard: Select this check box to allow your users to view their Learner Dashboard. The Learner Dashboard shows your users a summary of their training completion, including their training status and training due dates. For more information, see our What is the Learner Dashboard? article.
  6. Enable Phishing Information: After you enable the Learner Dashboard, you can select this check box to allow users to view their own phishing test results.
  7. Enable Risk Information: After you enable the Learner Dashboard, you can select this check box to allow users to view their Personal Risk Score.
  8. Enable Optional Learning: Select this check box to allow your users to complete optional training. After you create an optional training campaign, the optional content will be added to your user’s Learner Experience. To view this optional content, your users can log in to their Learner Experience and navigate to the Library tab. For more information, see our Optional Learning Guide.
  9. Enable Badges: Select this check box if you'd like to enable badges. For more information, see the Badges section of our Learner Experience Guide.
  10. Badges Available to Users: Select the badges that you'd like to allow users to earn. For more information, see the Badges section of our Learner Experience Guide.
  11. Leaderboard Type: To enable your leaderboard, click this drop-down menu and select Group Leaderboard. To disable your leaderboard, select No Leaderboard from the drop-down menu. For more information, see our How Do Leaderboards Work? article.
  12. Leaderboard Time Period: From the drop-down menu, select the timeframe that you’d like rankings to be calculated by. Any enrollment that was active during this time period will be included in the leaderboard rankings. You can select Past 30 Days, Past 90 Days, Current Quarter, Current Year, or All Time.
  13. Groups to Include in Leaderboard: From the drop-down menu, select the groups you’d like to include in your leaderboard. 
  14. Exclude training campaigns with no due date.: Select this check box if you’d like to exclude training campaigns that do not have a due date from the leaderboard. You can enable this setting to keep optional content from impacting the leaderboard.
      •  

Back to top

 

Account Integrations

In the Account Integrations section, you can manage your account integrations including SAML, the Phish Alert Button (PAB), API reporting, PhishER, and Second Chance.

To learn more about these settings, see the sections below.

Back to top

 

SAML

In the SAML section, you can enable or disable SAML on your account. You will need the information provided in this section to set up SAML with your single sign-on (SSO) provider. If you need to enable SAML to allow your users to log in for training using your SSO provider, please follow the instructions in our How to Set Up SAML Single Sign-on for the Security Awareness Training Platform article.

See below for more information about the settings in this section:

  1. Enable SAML SSO: Select this check box to enable SAML Single Sign-on (SSO) on your account. For more information, see our How to Set Up SAML Single Sign-on for the Security Awareness Training Platform article.
  2. Allow Account Creation from SAML Log In: This check box will display after you enable SAML. This setting allows users who do not already have an account to create a new account by entering their email address from the login window. If the SAML authentication was successful, the new user's account will be created. If you don’t enable this setting, users who do not already have an account will get an error message if they try to create an account.
  3. IdP SSO Target URL: Enter your identity provider URL or SSO URL into the field.
  4. IdP Cert Fingerprint: Enter the fingerprint of your identity provider's SAML certificate. The SHA-1 option is selected by default.
  5. Sign SP AuthnRequest: Select this check box to digitally sign the SAML AuthnRequest sent from the KnowBe4 service provider to your identity provider.
  6. Entity ID: When configuring the SAML connection to your identity provider, enter the ID found in this section. Depending on your IdP provider, the Entity ID field may also be named the SAML Audience or Identifier.
  7. Generate Unique Entity ID: You can click this button to generate a unique entity ID to use for this account. However, be aware that if you do change the entity ID, SSO will not work for your users until you update the entity ID in your Identity Provider account.
    Important: If you manage multiple accounts, your Identity Provider may not allow the same entity ID to be entered multiple times in the same Identity Provider account. If your Identity Provider does not allow the same ID to be entered multiple times, your users may be unable to log in to their account with SSO.
    If you click the Generate Unique Entity ID button, you'll see the Restore Default Entity ID button. You can click this button to restore your entity ID back to "KnowBe4". If you click this button, any existing SAML connection using your entity ID will stop functioning until you update it in your identity provider.
  8. SSO Sign-in URL: This field provides the Login URL or SAML Endpoint URL. This URL will redirect your users to the identity provider SSO URL.
  9. SSO Sign-out URL: This field provides the Logout URL.
  10. SSO Callback (ACS) URL: This field provides the Assertion Customer Service (ACS) URL. This URL receives the authentication response from your identity provider.
  11. SAML ID: This field provides your SAML ID. Your SAML ID is a unique code that links your users back to your KnowBe4 account. You can’t change your SAML ID.
  12. Metadata URL: This field provides your Metadata URL. Your Metadata URL contains your service provider’s metadata file and can be used to automatically configure the SAML connection on your identity provider. You can only use the metadata URL where applicable.
  13. Bypass-SSO Login URL: This field provides your Bypass-SSO Login URL. If you would like to bypass SSO, this URL will bypass the SSO redirect and allow you to log into the KnowBe4 console using your email and password.

Back to top

 

Phish Alert

In the Phish Alert section, you can configure and customize aspects of the Phish Alert Button (PAB) for your account. For information about the settings in this section, see the Enable and Configure PAB section of our Phish Alert Button (PAB) Product Manual.

Back to top

 

API

In the API section, you can enable and access KnowBe4’s API.

See below for more information about the settings in this section:

  1. Enable Reporting API Access: Select this check box to enable access to our reporting APIs. To enable this feature, you must have a Platinum or Diamond subscription. For more information, see our KnowBe4 API Documentation.
  2. User Event API: If your organization uses KnowBe4's User Event API, you can click User Event API to access the User Event API Management Console. To access the console, you must have a Platinum or Diamond subscription. For more information, see our User Event API article.
  3. PhishER API: If your organization uses KnowBe4's PhishER API, you can click PhishER API to visit the API Key tab in the User Event API Management Console to learn how to create a new PhishER API token. For more information, see our User Event API article.

Back to top

 

PhishER

If you have enabled PhishER in your organization, you can click the Go to PhishER button to access the PhishER interface.

For more information about PhishER, see our PhishER Product Manual.

Back to top

 

Second Chance

In the Second Chance section, you can enable our Second Chance tool for your KnowBe4 account.

To enable Second Chance, select the Enable Second Chance Management check box. If you enable Second Chance, you will have access to a new Second Chance tab in your KnowBe4 console.

If you have a Partner account, you can use the Days Shown on Overview Page field to select the number of days you’d like to include when displaying the User Actions data on the Second Chance Overview page. The default setting is 30 days.

For more information about Second Chance, see our Second Chance Installation and Product Manual.

Back to top

 

Email Exposure Check Pro (EEC Pro)

In the Email Exposure Check Pro (EEC Pro) section, you can customize your Email Exposure Check Pro (EEC Pro) settings.

See below for more information about the settings in this section:

  1. Run Scan on this Day of the Month: Select which day you’d like to run a monthly Email Exposure Check. For example, if you would like to run an Email Exposure Check on the 17th day of each month, click the drop-down menu and select 17.
  2. Last Scanned on: This setting shows the date that your last Email Exposure Check scan was queued. This date and the scan completion date may not be the same.
  3. Scan User Email Address Now:Click this button to run your Email Exposure Check now.

For more information about EEC Pro, see our Email Exposure Check Pro (EEC Pro) Product Manual.

Back to top

      •  
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles