Your security settings allow you to set a password policy and enable two-factor authentication. They also affect the security measures used when creating a User Profile.
You can find the security settings under the 'System Settings' section in the 'Settings' module. They're divided into two sections - password policy and two-factor authentication.
In this article, you'll find information about:
- Password Policy
- Two-Factor Authentication
By default, the password security feature is disabled. If you want to enable it, contact Agillic Support for guidance first. The Staging and Production environments each have their own settings.
You can set a password policy for users based on the following inputs:
- How many days should pass before the password expires
- The minimum length of the password
- The minimum number of uppercase characters
- The minimum number of lowercase characters
- The minimum number of total characters
- The minimum number of special characters like '#!&'
Two-factor authentication requires the user to insert a verification code sent as an email or SMS before they can log into Agillic. As part of the two-factor authentication, you may choose to define how many days can pass before a user must re-verify their User Profile.
Once you've set new security settings, it affects:
- User Profiles where the password has expired
- User Profiles who click 'Forgot my password' and resets their password
- New User Profiles who receive an invite to set their password.
We strongly recommend having two-factor authentication enabled for all Agillic users.
Enabling Two-Factor Authentication
When enabling two-factor authentication for the first time, the system automatically tries to enrol all existing Agillic users. It will do this with the default authentication method, such as email. A notification will be shown if two-factor authentication has not been enabled for all existing Agillic users.
Newly created Agillic users will have two-factor authentication enabled by default.
Go to the Profile Management section to change two-factor authentication settings for individual users, whether that be disabling two-factor authentication on the single user or choosing a different authentication method.
You'll need to choose a default authentication method. Existing Agillic users will be enrolled with the default value as soon as you click save.
Be aware, if you choose SMS as your authentication method, your company will be invoiced for the SMS messages sent.
Trouble Logging In
If you're having trouble logging in, contact your Agillic administrator to make sure that the email and phone credentials are correct or updated. They will be able to help you further.