Once again we have expanded the option that give you control over the security of logging in. This time it concerns the following aspects:
Password expiration
You can set a number of days after which passwords should expire in order to enforce that the password is regularly changed for both users of the Formdesk account and visitors of a login form (which can be set seperately).
Preventing the reuse of passwords
You can set a number of days in which a password cannot be re-used when a password expired.
Direct check when logging in
The required password strength setup will immediatly apply to all passwords and will be checked on login and forced to change it before continuing if the password doesn’t meet the required strength.
The visitors of a login form
For the visitors of a form where they can manage their own entries by means of a username and password, the above settings apply as well. These options can only be set globally for all visitors as a visitor can log in on all login forms within a Formdesk account. This can only be set by the supervisor within the account details. You can also set up 2-Factor Authentication for a login form, which has been available to users of a Formdesk account for a while. This is adjustable for each form because one form may be more sensitive than another.
For the sake of completeness we sum up all options regarding the security of the login procedure:
For users of your Formdesk account and visitors of login forms:
- 2 Factor authentication via e-mail, SMS, soft-token or IP (https://en.formdesk.com/blog/secure-login-process/)
- Delay time for passwords
- Prevent the re-use of passwords
- Required password strength
For users of your Formdesk account:
- General IP restriction (https://en.formdesk.com/blog/secure-login-process/)
- Delay time of the login session
- Fixed IP during log-in session