Wednesday, February 5, 2020

Improved Password Security Settings

We have just created a new section where you will be able to increase your password security, for this you will need to go to the Administration tab and select "Set Password Rules" in the Advanced section:

Inside this section you will find several different options, the first two are the weak and medium security settings:

Weak Passwords allows to create passwords of at least 4 characters and no further restrictions. With Medium Secure Passwords the password length required will be increased to 8 characters and also no other restrictions.

If you are looking to implement something much more strict and specific, you will be able to use "Custom Security":

The following are the different optional settings you can enable:

  • Minimum Length: set to minimum number of required characters, anywhere between 8 and 32.
  • Has Number?: set it so that at least 1 number is required.
  • Has Capitals?: this will enforce that at least 1 letter in upper case is used.
  • Has Symbols?: this will force the user to use at least 1 non alphanumeric symbol.
  • Restrict Consecutive Characters: prevents the user from setting the password with consecutive characters or numbers, for example "abcd" or "6789".
  • Restrict Repeat Characters: prevents the use of repeated characters, for example "bbb" or "888".
  • Restrict Dictionary Words: restricts the usage of dictionary words.
  • Prevent Historical Passwords: here you can specify if you don't want to allow previous passwords to be used. You can set it from 0 (disabled) up to 10 previous passwords.
  • Expiry Months: this will make the password expire after the specified amount of months and can be done between 0 and 24 in intervals of 3 months.
Please keep in mind that not every single setting is required for the custom security, please make sure to use the options according to your needs. If you were using an integration that required secure passwords, make sure to double check with the proper documentation to ensure that you will enable the appropriate options.

Let us know in case you have any question or comment.

Until next time!

--Econz Team

No comments:

Post a Comment