Go to Beanworks
All Collections
Security
Section heading
Password/Account Security Guidelines

Password/Account Security Guidelines

Stuart Cantwell avatar
Written by Stuart Cantwell
Updated over a week ago

In short, if you are not using a password manager to generate a strong password, and you need to personally remember your credentials. We recommend you use passphrases vs. passwords.

When constructing passphrases, keep the following in mind:

  • Four words should be sufficient. Five words is better.

  • Don’t choose from the most common words, and don’t choose quotes or sayings. (The words should be as random as possible.)

  • You can embellish the start and/or end of the passphrase with numeric and special characters, to meet security requirements

  • Use a unique passphrase for every account you own. That way, if one passphrase is ever exposed, your other accounts remain secure.

Regardless of which methodology you employ, the requirements for your passphrases/passwords are:

  • Minimum 9-character length requirement

    • Highly Recommend 16 character or longer password

  • Must contain at least one uppercase character

  • Must contain at least one lowercase character

  • Must contain at least one numeric character

  • Must contain at least one non-alphanumeric character

Additionally, Beanworks/SageAPA also provides the following security measures:

  • Force Reset Password

    • Forces a user to reset their password on next login

    • Your CSM or member of Support can trigger this on any account

  • Password Expiry

    • Password expires after X number of days

    • You can configure the limiting value for this feature

    • You can ask your CSM or member of Support to enable this feature

  • Disallow Previous Passwords:

    • Prevents the user from using previous X number of previous password

    • You can configure the limiting value for this feature

    • You can ask your CSM or member of Support to enable this feature

  • Account Lockout

    • User account is locked after X number of failed login attempts

    • You can configure the limiting value for this feature

    • You can ask your CSM or member of Support to enable this feature

Please note, all users, including System Administrators, are subject to the security measures you have enabled for your account. If you are an administrator and you are locked out of your account, please contact your CSM who will work with you to unlock your account.

Did this answer your question?