Overview
There are a number of settings on your account designed to keep your account safe.
Account timeout
To keep your data safe we have a 15-minute timeout on your account. This means if a user is inactive on their browser for more than 15 minutes, they will need to enter a password to log back into their account. This is particularly useful if you’ve lost a device as you know that your account will automatically log out and whoever has taken your device won’t be able to access your account.
Extended timeout
If you are happy that your users have strong security controls on their devices such as a screen lock after a certain timeframe then you can extend the timeout period to 12 hours using the slider switch in your user settings. If a user hasn’t accessed their account after 12 hours then they will need to enter their password to log back in.
Change password
Users can change their password either via the password reset link on the login page or if they are logged in they can do this using the ‘Change password’ option in their settings menu.
Users will be asked to enter their old password and then a new password.
Old passwords cannot be used – users must enter a new password in order to change it.
Multi Authentication (MFA)
On our higher-tier plans, we have the option for MFA. This will prompt a user to enter a 6-digit number after they have entered their password.
This number is generated on the Google Authenticator app on a user’s phone. This adds an extra layer of security. If your password is compromised (e.g. someone guesses it, or they find it leaked online) a malicious party still cannot get into your account as they need the second code.
When you activate the MFA option in your user settings, each user will be prompted to download the Google Authenticator app on their next login. They can then follow the on-screen prompt to scan the QR code to link their account to the app.
On each subsequent login, users will need to enter the MFA code after entering their password.
Single Sign On
SSO is available on our Enterprise plan. View the full guide on setting up SSO.
