Security FAQs
The following table provides answers to frequently asked questions regarding application security.
|
Question |
Answer |
||||||||||||
|
What are the password complexity requirements? |
Flexera One passwords must contain at least eight characters and must also include at least one character from each of the following sets:
!@#$%^&* Your password must not include any part of your email address. |
||||||||||||
|
How does Flexera One store my password? |
Flexera One protects passwords using the bCrypt algorithm, which is a one-way hash function incorporating salt. |
||||||||||||
|
Can I reset my password if I have forgotten or lost it? |
Yes, you can send an email to reset your password. For North American assigned accounts, reset your password at app.flexera.com/password/request. For European assigned accounts, reset your password at app.flexera.eu/password/request. For APAC assigned accounts, reset your password at app.flexera.au/password/request. Enter your email address and click Email Link. |
||||||||||||
|
What happens if I am locked out? |
After attempting to sign in three times with an incorrect password, your account will be locked out for 15 minutes. During the lockout period, you cannot sign in (even with the correct password) but you can reset your password. Lockout is used to block brute-force attacks. |
||||||||||||
|
How long is the idle session timeout? |
30 minutes |
||||||||||||
|
How long is the absolute session timeout? |
8 hours |
||||||||||||
|
Where can I find information about which users in my organization are active or inactive? |
Administrators in an organization can go to the Flexera One Administration menu and select Users from the Identity Management submenu to see activity information. After selecting a user, go to the Info tab.
|
||||||||||||
|
How are the user’s last login and last API login timestamps calculated? |
Flexera One users are global and often have access to multiple organizations. Each user’s Last login and Last API login timestamps are also global.
|