LeadSquared Security Settings – Login Settings

1. Feature Overview

Administrator users can configure LeadSquared login settings for their users. To access these settings, navigate to My Profile>Settings>Security>Login Settings.

For information on other security-related settings, see –

• LeadSquared Security Settings – Authentication Provider
• LeadSquared Security Settings – Session Management

2. Enable Password Encryption

To enable this setting, click the slider . When enabled, passwords will be encrypted and sent from the browser to the server. Users will not be able to ‘Remember Password’ and the password won’t be stored anywhere in the browser cache.

3. Mandate Two Factor Authentication

To enable this setting, click the slider . When enabled, all users will be required to log in using two-factor authentication. They will be prompted to set up their preferred method of authentication while logging in to their accounts –

To learn more, see LeadSquared Security Settings – Two Factor Authentication.

4. Enable Dynamic Token for Mobile App

To enable this setting, click the slider . You can add more security to your Leadsquared account on the mobile app by enabling a dynamic authentication token. When you enable this feature, you won’t be able to simultaneously log in to your account on different mobile devices. If you log in from a second device, you’ll be logged out of your account on the first device.

5. Force Logout All Users

You may want to force logout users from your account for a number of possible reasons –

• LeadSquared may have added new features/enhancements or you may have opted for additional features or a change of plan. Sometimes, this requires users to log back in.
• If you suspect that your account has been compromised, you can force log-out all users as the first safety precaution.
• Some users prefer not to log out of their accounts which may pose security risks.

Alongside the Force Logout All Users setting, click .

6. Force Reset Password For All Users

To ensure all your users change (reset) their passwords, alongside Force Reset Password For All Users, click Reset. This will automatically log out all your users from their LeadSquared accounts. When they try logging in, they’ll be required to set new passwords for their accounts.

7. Set Password Policy For Users

You can customise and set requirements (e.g., minimum password length allowed, minimum special characters allowed, etc.) for the passwords your users create. To do this, click Configure, and enter the following details –

• Minimum password length characters – The minimum character limit for the password. This setting is mandatory. The minimum limit you can set is 6 characters.
• Minimum upper case letter(s) from Latin alphabet (A-Z) – The minimum number of upper case letters that can be included in the password. You can allow up to 15 upper case letters in a password.
• Minimum lower case letter(s) from Latin alphabet (a-z) – The minimum number of lower case letters that can be included in the password. You can allow up to 15 lower case letters in a password.
• Minimum number(s) – The minimum number of numbers (0-9) that can be included in the password. You can allow up to 15 numbers in a password.
• Minimum non-alphanumeric character(s) – The minimum number of special characters (e.g., !@#$%, etc.) that can be included in the password. You can allow up to 15 special characters in a password.
• Maximum repeating characters – The minimum number of repeating characters (e.g., the letter ‘s’ ‘passssword’) that can be included in the password. You can allow between 2-15 repeating characters.
• Maximum sequential numbers – The maximum number of sequential numbers (e.g. the numbers 1,2,3 or 7,8,9) that can be included in the password. You can allow between 2-15 sequential numbers.
• Remember last password(s) to prevent password reuse – The number of last passwords (in sequential order) that cannot be set as the new password. For example, if your last four passwords were Purple, Orange, Maroon and Yellow (Purple being the newest), and if you set the value to 2, you cannot set Purple or Orange as the new password, but you can set Maroon or Yellow. You can restrict up to 10 previous passwords from being set as the new password.
• Password expires in day(s) – The number of days for which the current password will be valid. Once the password expires, your users will be required to set a new password. The minimum number of days you can set is 1.

Once you’re done, click Save.

Any Questions?

Did you find this article helpful? Please let us know any feedback you may have in the comments section below. We’d love to hear from you and help you out!