Formstack provides customers with the ability to create strong passwords that:
- Lockout the users after ten (10) failed attempts to log in
- Require a minimum of seven (7) characters
- Contain letters, numbers, or symbols
- Must be changed periodically
- Cannot be the last four (4) passwords used.
Customers may set a timeout for users after a fixed period of inactivity (15 minutes, 30 minutes, 1 hour, 4 hours.) HIPAA accounts are set at 15 minutes. Formstack provides its customers with a password meter to guide users in the creation of strong passwords. Additionally, Formstack provides the customer with the option of enabling multi-factor authentication.