- 08 Oct 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Security Settings
- Updated on 08 Oct 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
The Security Settings page allows Admins to establish a password policy for their accounts, requiring the "Enable password management" feature to be activated. Admins can access this feature through the Admin Security Settings. Key configurations include enabling password expiry notifications, setting the number of days for notifications before expiry, and defining the minimum password length (ranging from 0 to 100). Admins can also enforce rules for password complexity, such as requiring uppercase letters, lowercase letters, numbers, or special characters, and specify how many of these rules must be met. Additionally, they can set the maximum number of invalid login attempts before account lockout. Other security features include a password reset URL that expires after 60 minutes and an idle access lockout that logs users off after 30 minutes of inactivity. For further adjustments, Admins can contact support.
The Security Settings page enables Admins to specify a password policy for their account.
To configure password settings you must have Enable password management enabled for your account. For more information, contact our Support Team.
To specify a password policy for your account:
Go to Admin > Security Settings.
Specify the following password rules:
Password Setting
Possible Values
Default Value
Minimum number of days before a password can be changed
Integers between 0 (default) and 365
0- indicates that passwords can be changed immediately.
Number of passwords the system will store in history
Integers between 0 and 30
0- indicates that no password history will be stored and the password can be re-used immediately.
Days until password expires
Integers between 0 and 365
0 - indicates that passwords never expire.
Toggle the Enable password expiry notification to ON to set up notifications leading up to password expiration dates. Then you can optionally change the values of the following parameters:
First notification will be sent days prior to password expiry (7 or 14)
Number of notifications prior to expiry (0, 1, 2, 3, 4, or 5)
Specify the Minimum password length (in characters). The possible values are integers between 0 and 100.
Check the box beside the any of the four rules you want all passwords to satisfy (you can select more than one):
One or more uppercase characters
One or more lowercase characters
One or more numbers
One or more of these special characters (~ ! @ # $ % ^ & *)
Select the Number of rules required — i.e., how many of the rules in Step 5 must be met by each password.
Select the Maximum invalid login attempts — i.e., how many times a user can provide an incorrect password before their account is locked out.
Click Save.
The following additional security settings can be configured or changed by contacting our Support Team.
Password URL expiration: When a user requests a password reset they will be redirected to a password reset URL. By default, this URL will expire after 60 minutes.
Idle access lockout: The default amount of time a user can remain idle is 30 minutes, after which they will be automatically logged off.