Ottimate Password Policy

Modified on Tue, Apr 1 at 11:01 AM

To ensure the security of your account and meet compliance standards, Ottimate enforces the following password and login policies:

Password Expiration

  • Default Expiration Period: 180 days

  • Custom Expiration: If your organization has specific compliance requirements, we can work with you to customize the expiration period. Please contact Support for assistance.

  • SSO Accounts: Password expiration is not applicable for users who sign in via Single Sign-On (SSO), as authentication is managed by your identity provider.

Password Complexity Requirements

We use a real-time strength meter to evaluate password complexity. Here’s how it works:

  • Minimum Length: Passwords must be at least 8 characters long

  • No common passwords: Common or easily guessable passwords (e.g., pa55w0rd) are blocked.

  • No strict character rules: Special characters or uppercase letters are not required, but passwords must pass our strength validation algorithm.

    • Examples:

      • ajgishfaaqfgxsssftyh - Acceptable (long and unique)

      • 12345678 - Rejected (common)

  • Recent Password Reuse: You cannot reuse any of your last 5 passwords.


Account Lockout Policy

To protect against brute-force attacks:

  • Login Attempts: Your account will be locked after 6 failed login attempts within a 30-minute window.

  • Lockout Resolution: The lockout is temporary and automatic. You will need to wait before trying again or use the "Forgot Password" link to reset your credentials.

  • Note: Our team cannot manually unlock accounts during this lockout period.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article