Account Security Settings

You can change the security settings for your Account. While each security feature has a default setting, we recommend adjusting these settings to increase account security. Set up 2FA, expiration timeouts, and password expiration periods.

You must have an Account Owner role.

Change the account settings: You can customize the account security settings to best suit your requirements
Two-Factor-Authentication (2FA): You can set up 2FA for enhanced security authentication
Password expiration absolute period: You can set a maximum duration after which a password must be changed
Password expiration inactivity period: You can specify the time a password can remain unused before the user is prompted to change it
Session expiration absolute timeout: You can limit the total time a session can remain active before requiring the user to re-authenticate
Session expiration inactivity timeout: You can set a time for a session to end after a period of inactivity, requiring the user to log in again to continue

To change the account security settings:

Click Account Management in the navigation sidebar. The Account page appears.
Click the Security Settings tab.
Change the settings of the Two-factor Authentication, Password, and Session sections to best suit your requirements.
Click Save Changes to activate your custom changes.

Set 2FA to enhance security by requiring users to provide a second form of verification in addition to their password.

Current default: Disabled
Ayyeka Recommendation: Activate 2FA for enhanced security authentication
Note: Changes will take effect the next time users log in
Actions: Select Require two-factor authentication to enable all account users to use 2FA for their login authentication. When Disabled is selected at the account level, users can still activate it for individual usage in their User Settings.

Set a maximum duration after which a password must be changed, regardless of usage.

Current default: 4 months
Current Min-Max values: 10 days to 2 years
Ayyeka Recommendation: Force the account users to carry out a password reset every 30-120 days
Note: Changes will take effect the next time the users reset their password
Actions: Select Specify a Value to set custom values. To increase your account security, set a shorter duration.

Specify the length of time a password can remain unused before the user is prompted to change it.

Current default: 4 months
Current Min-Max values: 10 days to 2 years
Ayyeka Recommendation: Force account users to reset their passwords every 30-90 days if they have not logged in.
Note: Changes will take effect the next time the users reset their password.
Actions: Select Specify a Value to set custom values. To increase your account security, set a shorter duration.

Limit the total time a session can remain active before requiring the user to re-authenticate, regardless of activity.

Current default: 1 week
Current Min-Max values: 1 hour to 3 months
Ayyeka Recommendation: Set the account users a session absolute timeout of 1-24 hours.
Note: Changes will take effect the next time users log in
Actions: Select Specify a Value to set your own account settings. To increase your account security, set a shorter duration.

End a session after a set period of inactivity, requiring the user to log in again to continue.

Current default: Disabled
Current Min-Max values: 3 minutes to 1 month
Ayyeka Recommendation: Set the account users a session inactivity timeout of 5-30 minutes.
Note: Changes will take effect the next time users log in
Actions: Select Specify a Value to set your own account settings. To increase your account security, set a shorter duration.

Future Adjustments: The default settings and the minimum and maximum values may be updated in the future to comply with evolving security standards
Sub-Account Inheritance: If a sub-account is configured to use default settings, it will automatically inherit the default values from the parent account