Skip to main content

Password Policy: Frequently Asked Questions

By Guðrún Unnur Gústafsdóttir

The Password Policy within Siteimprove allows you to enforce a password policy that supports specific requirements of your organization. The password you choose will still comply with Siteimprove's standard requirements (a password of minimum 8 characters). This article will answer frequently asked questions in regards to Password Policy.

A Password Policy can be set up by Account Owners via Settings> Users> Password Policy

password_policy.png


Frequently Asked Questions:

  • Are password encrypted?
    Passwords are hashed. This means that Siteimprove does not have access to user passwords.

  • When do passwords expire?
    Passwords do not expire. If a Password Policy is changed by an Account Owner or a user with equivalent rights, users will be prompted to create a new password that adheres to the new policy. If a new Password Policy is set and your old password fulfills the criteria, you will not be prompted to create a new password. 

  • Is there a password history?
    No. You are allowed to use a previously used password if it adheres to the set Password Policy. 

  • How many incorrect password attempts are allowed before being locked out?
    Users will be locked out of the platform for 30 minutes after five unsuccessful attempts to login, and will be invited to reset their password.
Was this article helpful?
0 out of 0 found this helpful