Account and Password security best practices are key to keeping your business up and running. To prevent your passwords and accounts from being compromised or suspended, you should follow a regular cadence of password and account reviews.
For password and username recovery instructions, see the following articles:
Account Security Best Practices
The following best practices can help keep your account and passwords secure:
Password Creation:
- Passwords must conform to the following criteria:
- At least 12 characters long
- Cannot be your last 4 previously used passwords
- Must Include at least 1 number
- Must Include at least 1 special character
- Must Include at least 1 upper-case letter and lower-case letter
- Consider using a passphrase:
- A passphrase utilizes letters and numbers to remember a longer phrase.
- Example: Move from E to P is my favorite of the 6 Personal Perspectives! could be mFE2piMfot6PP!
- Avoid using vulnerable passwords:
- Examples of vulnerable passwords contain pet names, common words, personally meaningful dates, and locations.
- Any information that is easily found on social media can make your passwords vulnerable.
- Follow best practices:
- Don’t use the same passwords for all accounts
- Don’t reuse passwords
- Don't collect or share passwords using a shared spreadsheet
- Use a password manager or password vault to generate and store passwords
- Change your passwords every 90 days
Errors Creating or Changing Passwords
- If the password you enter fails to meet the minimum requirements, you will see the following error message:
- Note: If the password you are attempting to set has been identified as a commonly-used or vulnerable password, the reset request will fail. If this happens, you may want to use a password generator to create a new random password.
NOTE: Your account will be locked after 5 consecutive failed login attempts.
-
You will receive the following error message if your account is locked:
- After your account is locked, the system requires that you wait 10 minutes before attempting to login again. There is no need to contact Support if you are able to wait 10 minutes and reset your password successfully. Please launch a new Chrome Incognito window for the best experience.
Account Integrity and Maintenance
- Don’t share passwords.
- Review your accounts and passwords regularly and change passwords if you believe they have been compromised or if you have shared them with someone else.
- Enable 2 Factor or Multi-Factor authentication for additional security
- Do not click on links from people you don’t know, don’t expect, or that appear weird or unusual, as these may be Phishing attempts and could compromise the integrity of the account
- Be wary of any links that are sent via text message, as these could also be harmful
- If you receive something you did not expect or recognize, a general rule of thumb is to validate, with the sender, any link or information sent before you click.