Account Security Settings

Platform Admins can set account-wide security settings such as password requirements, session duration, and 2FA. Security settings set on the screen in the image below (the main “Security Settings” section of your Admin Panel) will be applied to all products and users on the account.

New Users: Passwords must meet the following criteria:

• Minimum length: 12 characters

• Must contain both letters and numbers.

• Must include at least one uppercase and one lowercase letter.

Existing Users: These new rules will apply if you change your organization’s password settings. 

Password Settings

Admins can determine different settings regarding user passwords:

• Password requirements

  • Minimum Length (12 as the default/minimum accepted) setting

  • Change passwords every 90-days (off by default)

  • Password must be different than previous four passwords (off by default) - available only when “Change passwords every 90-days” is on

• Password complexity settings (required for existing accounts that change their password settings and are no longer optional for new accounts created on or after May 14th.) 

  • Alpha-numeric password - Password must include both letters and numbers. (off by default) - Optionality 

  • Strongest password - Password must include a mix of uppercase, lowercase letters, digits, and special characters.

Session Time Settings

This setting determines how long a session can remain inactive before timing out and forcing the user to log back in. The options available for the timeout settings include, 15 or 30 minutes, 1, 2, 4 (default setting), 6, 8, 12, and 24 hours.