PERMISSIONS
Users: Only Account Owners and Administrators with the Manage Security Settings permission can set password requirements. See User Management Overview for more information.
Plans: Available for all Fleetio plans.
Fleetio allows you to configure minimum requirements for the passwords that Fleetio users create for their login credentials.
Set a minimum length, apply an expiration interval, designate required characters, set a maximum number of invalid login attempts or a lockout effective period.
NOTE: If you have Single Sign On (SSO) enabled, password requirements are managed by the identity provider, instead of Fleetio. See these articles for more information:
To manage your password requirements:
- Go to your Account Menu and select Settings.
- In the Settings sidebar, click Security in the User Access section.
- Set a Minimum Length (defaults to eight characters), Expiration Interval, and/or required characters.
- Designate the following:
- Maximum invalid login attempts: how many times a user can attempt to login and fail before triggering a lockout effective period (defaults to 10 times).
- Lockout effective period: the amount of time a user is prevented from being able to login after reaching the max invalid login attempts (defaults to 10 minutes).
EXAMPLE: If an account has a Lockout Effective Period of 30 minutes, but an Administrator changes this duration to 10 minutes, any user that is currently locked out of the system will be able to attempt to try their password again after 10 minutes.
- Use the Reset All Passwords option to require ALL users to reset passwords on next login; otherwise, changes are enforced upon new password creation and reset.
- Save your settings.
IMPORTANT: For any NEW users effective 8/2/2022 forward, the following password requirements are in place: password length must be a minimum of eight characters and password must contain upper and lower case letters. For all existing users created BEFORE 8/2/2022, there are no NEW password requirements in place unless the Account Admin has changed the settings for the account. If you have Single Sign On (SSO) enabled, password requirements are managed by the identity provider, instead of Fleetio. See these articles for more information:
NOTE: Any password requirements set by the account will appear when a password is reset (see below) to ensure it matches all parameters.
