Logging in to Backstage user accounts (not to be confused with event participant access) is secured using the following:
- Password complexity
zxcvbn password strength checker will provide information on your password strength to help you choose a strong password. This is applied when you create your password and when you change it. zxcvbn will prevent users from entering a weak or commonly used password, and provide guidance on how to create safer passwords.
- Password length check
The system currently requires a password that has 12 characters at the minimum.
- Number of retries (lockout)
There is currently no maximum number of attempts for passwords entry before lockout.
- Non re-use of previous passwords
When a user changes their password, the system will not accept any of the 10 previously used passwords for that user.
- Password rotation/request to change
Password rotation can be enabled and adjusted at the organization level.
To enable password rotation and set a frequency, you will need to contact SpotMe support.
- Single sign-on (SSO) / Multi-factor authentication (MFA)
SSO is supported.