Security Policies - Overview
Security Policies provide you with a customizable password policy and advanced settings. Enforce users to create a strong and secure password with password policy. The user's concurrent sessions and lock period setting can be configured with the advanced settings.
Password policy:
Passwords are the most commonly used authentication factor. Many users re-use the same, insecure password for all their online accounts, compromising their organization's security.
To protect yourself from this common pitfall, make it mandatory for your users to create passwords that meet certain security standards.
To configure a password policy:
- Sign in to Zoho One
, then click Admin Panel in the left menu.
- Go to Security, then click Security Policies.
- Go to Password Policy, then select from the three preset Password Strengths or choose Custom.
- If you choose Custom, set:Minimum length for a PasswordThe minimum number of characters the password must have.Mixed PasswordWhen this is enabled, users have to set passwords with both upper and lower case characters.Minimum special charactersThe number of special characters the password must have.Minimum numeric digitsThe number of numeric characters the password must have.Maximum password ageThe number of days users can use a password for.Refusal of previously used passwordsThe number of most recent passwords that users can't reuse.
- Click Add.
Concurrent Sessions and Lock Period
Concurrent Sessions: With concurrent sessions, set how many browsers or devices a user can be signed in from at a time.
Lock Period: After the allotted limit of invalid sign-in attempts is reached, users will be locked out and prevented from signing in for the selected duration.
To configure other settings:
- Sign in to Zoho One
, then click Admin Panel in the left menu.
- Go to Security, then click Security Policies.
- Go to Other Settings, then set up Concurrent Sessions and Lock Period.
- Click Add.