Security
All Zappar content is cloud-based, using Amazon's S3/CloudFront servers. They’re protected behind firewalls and are hardened against server vulnerabilities.
- All user passwords are encrypted and stored as salted PBKDF2-SHA256 hashes.
- Content is stored in servers inside the EU, served from a hub closest to the user.
- Industry-standard public/private key and two-factor authentication techniques.
Password Policy
Workspace Admins can set a workspace level password policy. The passwords for all users on a workspace must adhere to the password policy set on the workspace.
A password policy can be set through the Workspace Settings page.
Default
Workspaces with a default password policy requires user passwords to be at least 5 characters in length.
Strict
To access a workspace with a strict password policy, users must have a password which is at least 8 characters in length, and contains at least two of the following requirements: - A lower case character - An upper case character - A numerical character
After five failed password attempts, a user is denied access to the workspace.
Custom
Workspaces with a custom password policy have greater customization and control over users accessing a workspace with their password.
A custom password policy is available to those on an Enterprise plan.
The following factors can be changed on a custom password policy:
- Password History: The number of new passwords that must be used before an old password can be used.
- Change Frequency: The number of days until a user's password must be changed.
- Idle Timeout: The number of minutes before a user is prompted to enter their password to access a workspace.
- The number of password attempts allowed on a workspace.
- The number of requirements (rules) a user's password must adhere to.
- The requirements a password must have.
- Permit social media authentication.
- Customise a password's complexity.