Can I enforce strong passwords in my account?
Beanstalk has a built-in algorithm for checking password strength. Every time a user creates a new password, Beanstalk will display how much time a potential attacker will need to crack it. Owners of Business-level accounts can take this feature to the next level by enforcing strong passwords on their accounts.
As the account owner, go to the Account section, and then follow to the tab Security. You will see all of your security features, including enforcing strong passwords.
Why enforce strong passwords?
On an account with hundreds of users it's sometimes hard to keep track of everyone's password. One person with a weak password can compromise everyone else. And although Beanstalk makes it really hard to brut-force passwords, enabling password enforcing provides extra peace of mind for the account owner.
How it works?
Once you enable password enforcing, Beanstalk will stop accepting weak passwords for new users on your account as well as existing users when they change their passwords. In addition to that, password strength will be checked for every user next time they login. If their password is weak, Beanstalk will require them to update it within the next 3 log in attempts.
What's a weak password?
Beanstalk considers a weak password one that can be cracked quickly by several different types of attacks. While we're not going to disclose the methods, here are some tips on making sure the password is strong.
- Your password should be at least 8 characters long.
- If you are using a complex password, make sure to include non-alpha numeric characters (spaces, periods, etc)
- If you choose haystack, use at least 4 words, separated by spaces or periods (or some other character). Never use words that are relevant to your personality, like your name, address, cellphone numbers, city, birth date, etc.