Getting started with BioModels

Welcome to BioModels user manual page! We'll show you all the basics to get you up and work with BioModels. When you're ready to go beyond the basics, check out the other links to explore more features.

General rules for usernames and passwords

When opening an account in BioModels repository, you are required to choose a username and are sent a temporary password via the confirmation email. Usernames and passwords must match the conventions set by BioModels. To make sure that your username and password are accepted, follow the guidelines below.

Username requirements

Your username can be any combination of letters, numbers and these symbols (underscores, dots and hyphens). The username must match with this regular expression /^[a-zA-Z0-9_.-]{4,64}$/g.

  • Usernames can be between 4 and 64 characters in length.
  • Usernames may contain any of the following: letters (a - z or A - Z), numbers (0 - 9), dashes (-), underscores (_), hyphens (-), and periods (.).
  • Usernames may not contain any of the following; ampersands (&), equal signs (=), brackets (< >), plus signs (+), commas (,), or more than one period (.) in a row.
  • Usernames may not begin or end with a period (.), nor can a period (.) be the only character.
  • Letters in usernames must be lowercase. If you enter uppercase letters when creating a username, they are converted to lowercase letters.

Password requirements

Your password can be any combination of letters, numbers, and symbols (ASCII-standard characters only). Accents and accented characters aren't supported.

You cannot use a password that:

  • It is particularly week. For example: "admin123"
  • You've used before on your account.
  • It starts or ends with a blank space.

Enhancements of account security settings

Lock accounts after failed password attempts

By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, also known as brute-forcing, is reduced. We have implemented the smart lockout policy. By default, smart lockout locks an account from login after 3 failed password attempts.

The lock lasts about an hour and will then clear on its own.

If the lock does not clear after an hour, please contact us for further support.

Why does X lock accounts?

BioModels limits the number of times that someone can try signing in to an account for security reasons. We don't want to give hackers unlimited attempts at guessing your password. So, we block them from trying after a while.

Check and remind if your password was compromised

When you create and store your own passwords in BioModels, it automatically identifies common weaknesses (for example, if they're easily guessed or used multiple times). BioModels can also securely monitor your passwords and alert you via either sending an email or pushing a notification to your profile's Notifications section if they appear in known data leaks.

BioModels will perform a password check when any user logs in the system. You cannot stop our system from sending alerts unless you reset your current password.

Turn Two-Factor Authentication (2FA) on or off

Two-factor authentication (2FA) is an identity and access management security method that requires two steps of identification to access resources and data. 2FA gives BioModels platform the ability to monitor and help safeguard their most vulnerable information and networks.

The Benefits of 2FA
Enhanced security
Probably the most important benefit of 2FA is to provide an additional layer of security. Even if a hacker obtains the password/login credentials of a user, they still cannot access the data without a second factor of authentication. This makes it hard for (cyber)criminals to hack into sensitive information and protects the data from unauthorized access.
Reduce Risk of Fraud & Data Breaches
Data breaches have serious consequences for businesses: reputation damage, legal liabilities and even financial losses. But luckily, the days of being able to crack a simple password and gain access to privileged information are over. As stated above, the enhanced security makes the life of a hacker much harder. Not only to protect individual user data, but also lowering the risk of a (large) data breach significantly.
Achieve Compliance
Some industries require specific compliance measures, such as GDPR and HIPAA. Health, finance, and government entities demand that businesses follow strict guidelines that protect consumers’ rights and mitigate risk. Make sure you consider your business' unique needs when determining your security requirements.
Increase Customer Trust
Customers like knowing their data is secure. Even though additional verification steps can seem annoying and unnecessary at times, customers trust and appreciate businesses who take precautions to protect them seriously.
Reduce Operating Costs
2FA helps reduce the occurrence of fraud, and thus frees time for the help desk to focus on more complex customer service issues. But that's not all! Compared to other security measures (biometric authentication or physical security tokens), 2FA is relatively low-cost and easy to implement. This makes it a practical and cost-effective option for businesses of all sizes, including small and medium-sized enterprises.
Increase Flexibility
There are many different types of 2FA solutions available, on a variety of different messaging channels. This means that you can choose the option that best suits your customer's needs, your security requirements, your budget, and your IT infrastructure.
Authentication methods for 2FA

There are different authentication methods when using two-factor authentication. Currently, we only support users getting OTP codes for 2FA via email.

Trust this device for 30 days

To enhance your login experience and reduce interruptions, we've also introduced a new Trust This Device for 30 Days feature during the 2FA process.

Key Benefits:

  • Users can now choose to recognize their regularly used devices for 30 days, minimizing the need for repeated 2FA prompts on those devices.
  • This feature improves workflow efficiency, especially during busy periods when frequent authentication might slow down user activities.
  • Users can view and manage their trusted devices directly through the user profile page, giving full control over which devices are recognized as trusted.

    • By enabling this option during login, you can enjoy a smoother, more efficient authentication experience on your trusted devices.