Advanced Security Settings is available to any Kapost member with an Enterprise level license. Once the feature is available in your Kapost instance, you must enable it. Do so by going to the members tab, then clicking Settings.
These settings will enable:
- Expiring passwords
- Requiring strong passwords
- Locking users
- Terminating sessions
This feature will expire a user's password every 90 days. This will only impact users in instances where this option turned on. When the 90 days is complete, once the user has logged in successfully, Kapost will display a popup asking them to choose a new password and the service will forbid them from continuing until a new password is chosen.
Requiring Strong Passwords
When this option is turned on, the users in this instance will be required to use strong passwords on their account. Specifically, the passwords must:
- Minimum of 6 characters
- Must contain characters from at least two of these groups:
- special characters
- The password must not be the same as the UserID
- The password cannot contain repeating chars or numbers
This feature will limit failed login attempts to seven successive attempts. Once seven unsuccessful login attempts have been made, Kapost will lock that user's account. Access to the account will be reactivated automatically after 3 minutes
After 60 minutes of inactivity, Kapost will terminate the session, asking you to log in again. If advanced security is not turned on, you will be logged out after 24 hours of inactivity.