Several security measures have been implemented to ensure the safety of all user accounts. Except for Two-Factor Authentication, all are mandatory for all clients and thus are not changeable.

  • Password policy: at least 8 characters long with at least 1 special character, 1 lower case letter, 1 upper case letter, and 1 numeric character. 

  • Single active session: user can only have one open login session. No simultaneous login on browsers is allowed.

  • Session timeout: user will be automatically logged out after being inactive for 2 hours. 

  • Two-Factor Authentication(optional): all user accounts in the organisation are required to log in with a One-Time Password (OTP) which is sent to their registered email.