Reviewing your security requirements is an important step in setting up your Zapnito community. Here we show you how.
This article contains the following sections:
First, navigate to the cog in the top right-hand corner of the page and click Settings. Scroll down to the Configuration header and select the Security Settings tile.
Strong Password Policy
The Strong Password feature allows community managers to offer the highest security standard for their users. The rules for strong passwords will be enforced everywhere where a password can be associated with an account. This includes:
- Account settings
- Bulk user CSV upload
- When creating a new password after receiving a password reset email
Strong Passwords follow the below security requirements:
- At least 15 characters in length
- At least one uppercase and one lowercase character
- At least one number
- At least one special character
New and invited users would need to associate a strong password with their account. This policy would not be enforced for existing users, unless the community manager also switches on the security flag ‘Periodical Mandatory Password Change’.
Periodical Mandatory Password Change
Periodical Mandatory Password Change forces all users to change their password every 90 days.
Users who had been using a non-strong password would need to change their password so that it follows the rules associated with strong passwords within 90 days.
Community managers can also choose to edit the length of time it takes for a session to expire.
Sessions last 2 weeks by default. This means that, if a user signs into the community today, they will be able to visit the community in 10 days from now, and access the community as a whole without signing in, as they will be automatically signed in. In 15 days, however, they will be asked to sign in again.
Key things to note about session duration are:
- Default is 14 days
- Must be 1 or higher
- No upward limit
Any questions? Let us know at email@example.com or leave a comment below this article.