Password policy¶

Rules for a strong password¶

Protecting your account starts with a strong password. In Data X-Ray, passwords need to follow these rules:

Must contain at least 8 characters (max. 32 characters).
Must have a mixture of letters and numbers.
Does not allow number sequences of 4 or more numbers.
Does not allow whitespaces.

Multi-factor authentication

An administrator may require all users to use multi-factor authentication when logging into the application or console. Users must configure an authentication application by scanning a QR and providing a TOTP code in order to log into the application.

Password security features¶

Account lockout protection¶

Note

This security feature only applies to username/password authentication.

To protect accounts from unauthorized access attempts, Data X-Ray implements account lockout measures:

After 10 consecutive failed login attempts, the account will be locked for 24 hours.
During the lockout period, login attempts will be rejected even with correct credentials.
This protection applies to all user types including regular users, organizational admins, and super admins.

Password reuse prevention¶

To maintain strong security practices, Data X-Ray prevents the reuse of previous passwords:

When changing your password, you cannot reuse any of your previous passwords.
If you attempt to reuse a previous password, you'll receive an error message prompting you to select a new, unique password.

For environment variable configuration related to these security features, refer to the 7.17 release notes.

Tips for a strong password¶

Here are some tips to help keep your information secure:

Use at least 12 characters: longer passwords are harder to crack.
Mix it up: combine uppercase and lowercase letters, numbers, and special characters (like !, @, #, or $).
Avoid common words and patterns: skip obvious choices like "password123", your name, or birthdate.
Use unique passwords: don't reuse the same password across different sites or applications.