Settings
System configuration & company preferences
Security
Password policy, two-factor authentication, sessions, and data protection.
Password Policy
Applied to all users on next password change.
Require uppercase letter
Require number
Require symbol
Block common passwords (top 10K)
Two-Factor Authentication
Require a second factor at sign-in.
Require 2FA for Admins & Owners
Highly recommended.
Require 2FA for all users
Best for regulated environments.
Authenticator app
Google Authenticator, Authy, 1Password
SMS
Text messages (less secure — phishing risk)
Email
Backup only — do not use as primary
WebAuthn / Passkey
Hardware key or platform biometrics
Company MFA enrollment
78%19 of 24 active users have MFA enabled.
Sessions & Login
Session timeouts and brute-force protection.
Force HTTPS everywhere
Redirect all HTTP traffic to HTTPS.
Log every login attempt
Successful & failed logins are recorded in the audit log.
Notify user on new-device login
Email the user when a new device signs in.
Data Protection
How your data is safeguarded.
Encryption at rest
AES-256
Enabled
Encryption in transit
TLS 1.3
Enabled
Field-level encryption (PII)
Enabled
Enabled
Audit logging
All actions
Enabled
Backup encryption
AES-256
Enabled
Off-site geo-redundancy
us-west-2 → us-east-1
Enabled