Security

All Zappar content is cloud-based, using Amazon's S3/CloudFront servers. They’re protected behind firewalls and are hardened against server vulnerabilities.

  • All user passwords are encrypted and stored as salted PBKDF2-SHA256 hashes.
  • Content is stored in servers inside the EU, served from a hub closest to the user.
  • Industry-standard public/private key and two-factor authentication techniques.


Password Policy

Workspace Admins can set a workspace level password policy. The passwords for all users on a workspace must adhere to the password policy set on the workspace.

A password policy can be set through the Workspace Settings page.

Default

Workspaces with a default password policy requires user passwords to be at least 5 characters in length.


Strict

To access a workspace with a strict password policy, users must have a password which is at least 8 characters in length, and contains at least two of the following requirements: - A lower case character - An upper case character - A numerical character

After five failed password attempts, a user is denied access to the workspace.


Custom

Workspaces with a custom password policy have greater customization and control over users accessing a workspace with their password.

A custom password policy is available to those on an Enterprise plan.

The following factors can be changed on a custom password policy:

  • Password History: The number of new passwords that must be used before an old password can be used.
  • Change Frequency: The number of days until a user's password must be changed.
  • Idle Timeout: The number of minutes before a user is prompted to enter their password to access a workspace.
  • The number of password attempts allowed on a workspace.
  • The number of requirements (rules) a user's password must adhere to.
  • The requirements a password must have.
  • Permit social media authentication.
  • Customise a password's complexity.
zapcode branded_zapcode i