Jan. 26, 2020
User password & session security updates
Keeping your data safe has always been our top priority. Not only is Elorus ISO 27001 certified, but we also strive to improve the application security every day. Today, we introduce an enhanced password strength policy, as well as a new lockout process to secure your account.
From now on, Elorus will only accept passwords that are considered "strong", being at least 8 characters and containing a mix of capital, lower case letters and digits. Hence, Elorus will be locking your account when you fail to enter the password correctly. The lockout process will protect you from potential attackers attempting to guess your password. Of course, for your own convenience, this is a temporary lock out: You may try again after 20 minutes or even request a password reset to unlock and access your account immediately.
Last but not least, we've updated the application to terminate your session after 30 minutes of inactivity. If you're on a private computer and wish to bypass this feature, you may use the "Stay signed in" option while logging in.