Litmus Enterprise: advanced security & privacy settings
Available exclusively to Litmus Enterprise customers, Enterprise Security provides an additional level of security to further protect Enterprise accounts. Litmus Enterprise customers can utilize Enterprise Security features, like two-step verification, custom session lengths, customizable password settings and single sign-on (SSO) for full control over their Litmus account and to further protect their business.
Find your security settings
The Account Holder has access to security settings for their individual account and for their entire team. Look for the advanced account-wide settings in the Your Subaccounts section under Manage Security.
Two-step verification
Litmus Enterprise customers have access to five versions of two-step verification.
- Individually enforced
- Account-wide requirement (all subaccounts and parent account)
- Parent account requirement
- Subaccount requirement (all subaccounts)
- Subaccount requirement (only select subaccounts)
Individually enforced two-step verification
Within your personal security settings, you can turn on two-step verification as an added level of security on your account. This will force you to follow an SMS-based two-step verification experience for every login and at least once every 30 days.
Account-wide required two-step verification
Account Holders can enforce two-step verification as an added level of security on their entire account, including the parent account and all subaccounts. Once enforced, two-step verification requires all users to follow an SMS-based two-step verification experience for every login and at least once every 30 days.
To enable this additional layer of protection for your entire account, select both boxes in Two-step verification in your account-wide Manage Security settings.
Parent account requirement
To further protect their business and their users, Account Holders can enforce two-step verification as an added level of security on just their parent account. Once enforced, two-step verification requires all users on the parent account to follow an SMS-based two-step verification experience for every login and at least once every 30 days.
In Two-step verification in your account-wide Manage Security settings, select the first box, Enable two-step verification on this account, so that it applies only to your parent account.
NOTE: Parent account two-step verification settings are only available within the team security settings on the parent account. Once implemented, they impact the parent account only.
Subaccount requirement (all subaccounts)
Account Holders can choose to enforce two-step verification as an added level of security on just their subaccounts, excluding the parent account. When activated, users in subaccounts will not be able to edit their individual settings to turn off two-step verification.
To enable this for all subaccounts, select the second box, Enable two-step verification on all subaccounts, in the Two-step verification tab of your account-wide Manage Security settings.
Subaccount requirement (only select subaccounts)
Account Holders can enforce two-step verification as an added level of security on select subaccounts. When enabled on specific subaccounts, users in them will not be able to edit their individual settings to turn off two-step verification.
Start by making sure the subaccount you wish to enable appears in the upper right corner of your Litmus window. Choose Settings, then Manage Security in the account-wide settings area. Select Enable two-step verification on this account to apply this added security to just that specific subaccount. Change subaccounts in the upper right corner and repeat for any additional subaccounts that need two-step verification.
Custom session length
To further protect Litmus accounts from unauthorized access, Account Holders can add customizable session lengths so idle Litmus accounts will be automatically logged out after a specified time frame.
NOTE: Custom session lengths are customizable at the subaccount level and not universal across all accounts.
Custom password settings
Account Holders can set minimum requirements for passwords on their account, customizable by password character diversity, blocklisting, and reuse parameters. These settings include:
Password character diversity
Enforce a baseline of complexity for passwords by requiring any number of digits, symbols, uppercase, and lowercase characters.
Password blocklisting
Blocklist prefixes and fields can be used to prevent common phrases (such as “password” and “1234”) from being included in a password.
Password expiry and reuse
Setting an expiry will ensure passwords change on a regular basis. Configure how many password changes are required before a password can be reused, or prevent reusing passwords altogether.
NOTE: Custom password settings are customizable at the subaccount level and not universal across all accounts.
Single sign-on with SAML
Single sign-on (SSO) powered by SAML lets you easily authenticate and manage user access, while your team enjoys a streamlined login process—access to Litmus with a single click. Learn more about enabling SSO with SAML and your Identity Provider.