Last modified: 2024-06-14

Security Settings

The Security Settings page enables Admins to specify a password policy for their account.

To configure password settings you must have Enable password management enabled for your account. For more information, contact our Support Team.

To specify a password policy for your account:

  1. Go to Admin > Security Settings.
  2. Specify the following password rules:
  3. Password Setting Possible Values Default Value
    Minimum number of days before a password can be changed Integers between 0 (default) and 365 0- indicates that passwords can be changed immediately.
    Number of passwords the system will store in history Integers between 0 and 30 0- indicates that no password history will be stored and the password can be re-used immediately.
    Days until password expires Integers between 0 and 365 0 - indicates that passwords never expire.
  4. Toggle the Enable password expiry notification to ON to set up notifications leading up to password expiration dates. Then you can optionally change the values of the following parameters:
    • First notification will be sent days prior to password expiry (7 or 14)
    • Number of notifications prior to expiry (0, 1, 2, 3, 4, or 5)
  1. Specify the Minimum password length (in characters). The possible values are integers between 0 and 100.
  2. Check the box beside the any of the four rules you want all passwords to satisfy (you can select more than one):
  • One or more uppercase characters

  • One or more lowercase characters

  • One or more numbers

  • One or more of these special characters (~ ! @ # $ % ^ & *)

  1. Select the Number of rules required — i.e., how many of the rules in Step 5 must be met by each password.

  2. Select the Maximum invalid login attempts — i.e., how many times a user can provide an incorrect password before their account is locked out.

  3. Click Save.

The following additional security settings can be configured or changed by contacting our Support Team.

  • Password URL expiration: When a user requests a password reset they will be redirected to a password reset URL. By default, this URL will expire after 60 minutes.

  • Idle access lockout: The default amount of time a user can remain idle is 30 minutes, after which they will be automatically logged off.

Was this information helpful?