Litmus Enterprise: advanced security & privacy settings

Available exclusively to Litmus Enterprise customers, Enterprise Security provides an additional level of security to further protect Enterprise accounts. Litmus Enterprise customers can utilize Enterprise Security features, like two-step verification, custom session lengths, customizable password settings and single sign-on (SSO) for full control over their Litmus account and to further protect their business.

Find your security settings

The Account Holder has access to security settings for their individual account and for their entire team. Look for the advanced account-wide settings in the Your Subaccounts section under Manage Security.



Two-step verification

Litmus Enterprise customers have access to five versions of two-step verification.

  • Individually-enforced
  • Account-wide requirement (all subaccounts and parent account)
  • Parent account requirement
  • Subaccount requirement (all subaccounts)
  • Subaccount requirement (only select subaccounts)

Individually enforced two-step verification

Within your personal security settings, you can turn on two-step verification as an added level of security on your account. This will force you to follow an SMS-based two-step verification experience for every login and at least once every 30 days.

Account-wide required two-step verification

Account Holders can enforce two-step verification as an added level of security on their entire account, including the parent account and all subaccounts. Once enforced, two-step verification requires all users to follow an SMS-based two-step verification experience for every login and at least once every 30 days.

To enable this additional layer of protection for your entire account, select both boxes in Two-step verification in your account-wide Manage Security settings.

Parent account requirement

To further protect their business and their users, Account Holders can enforce two-step verification as an added level of security on just their parent account. Once enforced, two-step verification requires all users on the parent account to follow an SMS-based two-step verification experience for every login and at least once every 30 days.

In Two-step verification in your account-wide Manage Security settings, select the first box, Enable two-step verification on this account, so it only applies to your parent account.

NOTE: Parent account two-step verification settings are only available within the team security settings on the parent account. Once implemented, they impact the parent account only.

Subaccount requirement (all subaccounts)

Account Holders can choose to enforce two-step verification as an added level of security on just their subaccounts, excluding the parent account. When activated, users in subaccounts will not be able to edit their individual settings to turn off two-step verification.

To enable this for all subaccounts, select the second box, Enable two-step verification on all subaccounts, in the Two-step verification tab of your account-wide Manage Security settings.

Subaccount requirement (only select subaccounts)

Account Holders can enforce two-step verification as an added level of security on select subaccounts. When enabled on specific subaccounts, users in them will not be able to edit their individual settings to turn off two-step verification.

Start by making sure the subaccount you wish to enable appears in the upper right corner of your Litmus window. Choose Settings, then Manage Security in the account-wide settings area. Select Enable two-step verification on this account to apply this added security to just that specific subaccount. Change subaccounts in the upper right corner and repeat for any additional subaccounts that need two-step verification.



Custom session length

To further protect Litmus accounts from unauthorized access, Account Holders can add customizable session lengths so idle Litmus accounts will be automatically logged out after a specified time frame.

NOTE: Custom session lengths are customizable at the subaccount level and not universal across all accounts.

Custom password settings

Account Holders can set minimum requirements for passwords on their account, customizable by password character diversity, blocklisting, and reuse parameters. These settings include:

Password character diversity

Enforce a baseline of complexity for passwords by requiring any number of digits, symbols, uppercase, and lowercase characters.

Password blocklisting

Blocklist prefixes and fields can be used to prevent common phrases (such as “password” and “1234”) from being included in a password.

Password expiry and reuse

Setting an expiry will ensure passwords change on a regular basis. Configure how many password changes are required before a password can be reused, or prevent reusing passwords altogether.

NOTE: Custom password settings are customizable at the subaccount level and not universal across all accounts.
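
To see how the three setting groups interact when a new password is submitted, here is an added Python sketch; it is not Litmus code. The field names, the substring interpretation of blocklisting, and the reading of the reuse count as "the last N passwords are blocked" are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class PasswordPolicy:
    # Hypothetical field names mirroring the three setting groups above.
    min_digits: int = 1
    min_symbols: int = 1
    min_upper: int = 1
    min_lower: int = 1
    blocklist: Tuple[str, ...] = ("password", "1234")
    reuse_depth: Optional[int] = 5  # changes required before reuse; None = never

def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(history: List[Tuple[bytes, bytes]], password: str) -> None:
    """Store only a salted hash of each accepted password, oldest first."""
    salt = os.urandom(16)
    history.append((salt, _digest(password, salt)))

def violations(policy: PasswordPolicy, candidate: str,
               history: List[Tuple[bytes, bytes]]) -> List[str]:
    counts = {
        "digits": sum(c.isdigit() for c in candidate),
        "symbols": sum(not c.isalnum() and not c.isspace() for c in candidate),
        "upper": sum(c.isupper() for c in candidate),
        "lower": sum(c.islower() for c in candidate),
    }
    problems = [f"needs at least {getattr(policy, 'min_' + kind)} {kind}"
                for kind, have in counts.items()
                if have < getattr(policy, "min_" + kind)]
    # Case-insensitive substring match, so "PassWord" is caught as well.
    folded = candidate.casefold()
    problems += [f"contains blocklisted phrase {p!r}"
                 for p in policy.blocklist if p.casefold() in folded]
    # Slice explicitly: history[-0:] would wrongly return the whole list.
    depth = len(history) if policy.reuse_depth is None else policy.reuse_depth
    recent = history[max(len(history) - depth, 0):]
    if any(hmac.compare_digest(_digest(candidate, salt), stored)
           for salt, stored in recent):
        problems.append("matches a recently used password")
    return problems
```
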



Single sign-on with SAML

Single sign-on (SSO) powered by SAML lets you easily authenticate and manage user access, while your team enjoys a streamlined login process—access to Litmus with a single click. Learn more about enabling SSO with SAML and your Identity Provider.
