Password Policy: Frequently Asked Questions

Overview

To enhance security and streamline identity management, Siteimprove has introduced a global password policy that applies to all users across all accounts.

Frequently Asked Questions

What are the global password requirements?

The Siteimprove global password policy is based on NIST guidelines and requires passwords to be at least 8 characters long. Users are encouraged to use lengthy passphrases for better protection.

Note:

• Passwords do not expire automatically.
• After 5 failed login attempts in 60 seconds, the account is locked for 3 minutes

How does this affect existing users?

Existing users will be required to comply with the new password policy the next time they change or reset their password. Users with passwords that already meet the global requirements will not need to take any action.

What happens if a user forgets their password?

Users can reset their password using the “Forgot your password?” link on the login page. The new password must meet the global password policy requirements.

As a user, how do I reset my Siteimprove password?

See: How do I reset my Siteimprove password?

Does this affect users who log in via Single Sign-On (SSO)?

No. Users who authenticate via SSO are subject to their organization’s identity provider policies. However, users who log in directly to Siteimprove must follow the global password policy.