NS1 status

Articles in this section

Requesting enhanced password and session security

  • Updated
Follow

Organizations looking to enhance account security can request advanced password requirements and portal session restrictions for all users associated with the account. Contact the customer support team to request any of the following security features for your IBM NS1 Connect account.

Enforce strong passwords

By default, the only requirement for a password is that it is at least eight characters long. Contact the support team to request enforcing the enhanced password requirements below for all account users.

  • Minimum password length of 12 characters

  • No leading or trailing spaces

  • At least one uppercase letter

  • At least one number

  • At least one special character (eg. !, #, @, $)

Restrict password reuse

By default, there are no restrictions preventing users from resetting a password to one they have used previously. To improve account security, contact support to enforce unique passwords—preventing users from reusing a recent password. During implementation, the customer support team will ask you how many recent passwords to consider when validating uniqueness.

Note

Password backlogging begins once this advanced security feature is activated. Any passwords applied prior to activating this feature are not included in the restricted list.

Limit active and idle sessions

By default, there is a 24-hour session timeout and a 30-minute idle timeout for all IBM NS1 Connect portal users. Contact support to adjust the following settings:

  • Reduce the maximum number of active sessions allowed per user

    By default, a user can have ten active portal sessions at once. You can reduce this number to prevent users from initiating new sessions before closing others.

  • Reduce the amount of time a session remains idle before the user is logged out.

    By default, a session remains idle for 30 minutes before the user is logged out. You can decrease this setting if desired.

  • Reduce the maximum amount of time a session can remain open.

    By default, each session will close after 24 hours, even if it is still active. After 24 hours, users will have to sign back in. You can decrease the maximum session time as desired.

Warning

Communicate any changes to the session timeouts to all users associated with your account to help avoid losing unsaved changes.

Related articles