Regulate passwords within your organization by creating a password policy. You must be a SuperAdmin to configure the default policy in System Settings, or an organization administrator (OrgAdmin) to manage the policy in Organization Settings.
Manage Your Policy
Go to the Security tab in Organization Settings or System Settings. In the Password Policy form, set minimum and maximum requirements for all passwords.
- Select a minimum Password Strength of Weak, Medium, Strong, Complex or Custom in the dropdown menu.
- If you choose Custom strength, enter the number of Minimum Upper Case Letters, Lower Case Letters, Numbers and Symbols in the dialog that appears.
- Enter the number of characters required in the Minimum Length field.
- Use the dropdown menu to choose the length of time allowed before Password Expiration.
- Enter the number of login attempts allowed before Login Lockout.
- Choose the length of time allowed before Inactive Account Expiration.
- Check the box to Restrict Password Reuse, and use the dropdown menu to choose the number of times each password may be reused.
- Check the box to Restrict Password Reset, and use the dropdown menu to choose the number of days during which a user can reset their password after their reset request is sent.
- Use the dropdown menus to select the amount of time that may pass before Idle Timeout and Session Timeout.
- Click the button to Save the configuration.
Set policies for the keys in your organizations to ensure that they consistently meet your security standards. Go to the user menu > System Settings > Security tab to complete the Key Management form.
Set Up Policies
In the Organization API Key section, choose the number of characters required as well as the minimum number of numerals, upper case characters and lower case characters required in the key. Repeat these steps in the Application Key section. Check the box at the top of the form if you want to Mask invalid IPs on login. Once you're finished, click the button to Save your selections.