Password Policy: Frequently Asked Questions
Summary
Siteimprove’s global password policy applies to all users and requires a minimum of 8 characters, no automatic expiration, and temporary lockouts after repeated failed login attempts. The FAQs below explain requirements, user impact, password resets, and SSO considerations.
Overview
To enhance security and streamline identity management, Siteimprove has introduced a global password policy that applies to all users across all accounts.
Frequently Asked Questions
What are the global password requirements?
The Siteimprove global password policy is based on NIST guidelines and requires passwords to be at least 8 characters long. Users are encouraged to use lengthy passphrases for better protection.
Note:
- Passwords do not expire automatically.
- After 5 failed login attempts in 60 seconds, the account is locked for 3 minutes
How does this affect existing users?
Existing users will be required to comply with the new password policy the next time they change or reset their password. Users with passwords that already meet the global requirements will not need to take any action.
What happens if a user forgets their password?
Users can reset their password using the “Forgot your password?” link on the login page. The new password must meet the global password policy requirements.
As a user, how do I reset my Siteimprove password?
See: How do I reset my Siteimprove password?
Does this affect users who log in via Single Sign-On (SSO)?
No. Users who authenticate via SSO are subject to their organization’s identity provider policies. However, users who log in directly to Siteimprove must follow the global password policy.
Did you find it helpful? Yes No
Send feedback