This article reviews Security Policies that can be configured on your account. To modify or add new security policies, log into HostPilot® Control Panel > Account > Security Policies.

 

As an account administrator, you can customize:

User password policy

With the user password policy, you can

  • Allow users to change their passwords
  • Prevent users from changing their passwords
  • Force password changes
  • Create a custom user policy

Contacts password policy

Contact's Password Policy allows you to manage password complexity requirements and expiration period for all Account Contacts.

 

Once the policy is enabled, you will be asked to select password requirements such as minimum password length, password complexity, expiry periods and account contact locking.

 

Read our Knowledge Base article to find out the default password policy for account contacts.

Note: Password Policy cannot be enabled if you have account contacts that manage several accounts. To update password policy for this account, account contacts that manage other accounts must be removed.

IP-based access

Allows you to restrict or allow Administrators to access this account from the specific IP addresses. Read our Knowledge Base article on IP-based access.

  

Two-factor authentication policy

Two-factor authentication (2FA) adds an additional layer of security for your HostPilot account.

With 2FA you can:

  • Enable or disable two-factor authentication for new contacts
  • Choose a frequency range for account contacts to be asked to prove their identity when logging into HostPilot
  • Apply 2FA settings for all existing account contacts apart from those that manage several accounts.

 

Read our Knowledge Base article on Two-factor authentication policy for more information.

Note: 2А frequency settings are applied per a web browser. For example, if 2FA frequency is set to daily, an account contact will be prompted to prove their identity in every browser once a day.