LeanKit's step-by-step guide on how to configure advanced security features for your account.
- enable strong passwords for your users
- set an account lock policy
- configure further security preferences
Enable Strong Passwords in LeanKit
Enabling strong passwords requires all users to follow set guidelines and rules when setting or changing their passwords to increase security.
To enable strong passwords, click the three gears icon.
Then, click the Advanced Security tab and check the box next to Enable Strong Password.
You can choose one (or several) of the options by checking the box. Options include Minimum Length, Require Uppercase, Require Numeric, and Require Special Character (non-alphanumeric).
If users do not follow the strong password rules, they will see an error screen asking them to create a new password and listing the rule(s) they are not following.
Enable an Account Lock Policy in LeanKit
Choosing to enable an account lock policy allows you to set the number of times a user can enter the wrong password before their account is locked for a set amount of time.
To enable Account Lock Policy, click the three gears icon.
Then, click the Advanced Security tab and check the box next to Enable Account Lock Policy.
From there you are able to choose how many failed attempts your users can have before their account will be locked by using the arrows in the box next to Failed Attempts.
You can also specify the amount of time that their account will be locked once they’ve reached the max tries by typing the desired number of minutes in the field next to Account Lock Time.
Enable Preferences for Advanced Security in LeanKit
Choosing to enable further advanced security preferences allows you to disallow or disable other account features that you would not like your users to have access to.
To enable preferences, click the three gears icon.
Then, click the Advanced Security tab and check the box next to Enable Preferences.
From there you can configure various additional security preferences such as:
Disallowed File Extensions
Admins can enter file extensions that they do not want their Users to be able to upload. For example: .PDF, .csv, etc.
Disallow RSS Feeds
By checking this item it will prohibit Users from being able to use the RSS feature
Disable Generic Login
By checking this item it will hide your company's account from the Account lookup page found at https://login.leankit.com/Account/Membership/Login. This will require Users to know their account’s unique web address so they can go directly to it.
Disable Remember Me
On the account login page there is a checkbox that Users can select when logging in so their browser caches their credentials. This allows Users to come back to their account and be automatically logged in.
Disallowing this feature will require the Users to enter their email/password combination each time they visit the site.
Doc ID: 1191979632