Security
Configuration options for account security and authentication.
The following configuration options are available within the account settings Security section.
Logon session days
 |
| The number of days a user session should be valid before forcing a re-authentication. |
Logon session timeout minutes
 |
| The number of minutes between activities that should elapse before forcing a re-authentication. |
Enforce password complexity
 |
| Ensure all users leverage passwords with a high level of complexity. |
Enforce password history
 |
| Prevent the re-use of a previous password for each user. |
Enforce password bad count
 |
| Lock the user's account if there are too many concurrent failed password/login attempts. |
Password max age
 |
The maximum age in days that a password can be before it must be changed. A value of 0 disables the max-age restriction and will allow a password to persist for the life of the account. |
Enforce two-factor auth.
 |
| Ensure all account users leverage two-factor authentication. |
Two-factor authentication is a technique that helps to make your account more secure. It does this by adding a second step to your login process.
Single-factor authentication uses your email address and password to authenticate your Lytics session.
The second factor comes from the Authy app using an Authy SoftToken, a secret token that changes every 20 seconds. Entering a correct token provides an extra level of verification.
What is an Authy SoftToken
An Authy SoftToken is a secret token that is broadcast to the Authy app every 20 seconds. This unique token serves as a second factor by which Lytics can authenticate your session. Authy is available to download for free as a desktop and mobile app: Download Authy.
Using Two-Factor Authentication
The only difference between two-factor authentication and single-factor authentication is an extra step during login. After providing your password, you will then be asked for your Authy SoftToken.
Using Two-Factor Authentication also requires every user to provide their phone number. Logging in with two-factor authentication for the first time will walk a user through this workflow.
Updated 4 months ago