Passwords are an important aspect of computer security. A weak password may result in unauthorized access and exploitation of the company’s resources. All users and personnel with access to the company’s resources need to responsibly take appropriate steps to secure their passwords.
The purpose of this policy is to establish a standard for creation and protection of passwords.
The scope of this policy includes all personnel who have access to company resources.
Password Storage Standards
- Max - 90 days.
- No notification will be sent to the user until the password has expired.
Apty recommends that you change your password within 90 days from the day you first created it.
- Once password expires,you'll be prompted to create a new password the next time you try to log in to Apty.
Presently, Apty supports passwords for two types of login scenarios:
SSO: Apty supports both SAML 2.0 and OAuth 2.0 single sign-on authentication which allows a user to access multiple applications with one set of login credentials. When a user logs in through the client’s SSO, Apty does not store the SSO password.
Email ID: When a user logs in to an application using Email ID, the password is being verified against the hash and salt format in the Apty database. The hashed passwords are salted to guarantee a unique output, even when the inputs are the same.
Please sign in to leave a comment.