Enforcing password policies

Improve account security by implementing team-level password policies. As a Team Owner or Team Lead, you are able to set certain password policies that will apply to team members automatically.

Dashboard account passwords already enforce a high password entropy by requiring a minimum of 10 characters, with one uppercase, one lowercase letter and a number.

Password policies are enforced on any Dashboard account that is part of the team that requires it. If a user is part of multiple teams, as long as one team requires it, the user's Dashboard account will assume the password policy. Once the user leaves the team, the password policy is no longer applied.

Configuring Team Password Policies

Navigate to
Dashboard › (select your Team) › Team Settings › Security

These policies are disabled by default.

password-policy.png

Require Team members to change passwords every 90 days

When activated, team members will be forced to change their Dashboard account passwords every 90 days.

New password must be different from last 5 passwords

When activated, team members will not be able to reuse any of their last 5 used passwords. We enforce this by checking against the hash of passwords used in the past. We don't actually have knowledge of account passwords.