Skip to main content

Organization Settings

Admin Only

This page is only visible to organization administrators.

Configure security policies for your entire organization, including MFA enforcement and password requirements.

Accessing Settings

Navigate to Settings under the Admin section in the sidebar.

The settings page has two sections: Security and Password Policy.

Security

Require MFA for All Users

Toggle the Require MFA for all users switch to enforce multi-factor authentication organization-wide.

When enabled:

  • Users without MFA will be prompted to set it up on their next sign-in
  • Users cannot disable MFA while the requirement is active
  • New users must set up MFA during their first login

When disabled:

  • MFA becomes optional for all users
  • Users can still enable MFA voluntarily on their Security page
info

Enabling MFA enforcement does not immediately lock out users. They are prompted to set up MFA on their next sign-in.

Password Policy

Configure minimum password requirements that apply to all new passwords in your organization.

Minimum Password Length

Set the Minimum password length field to a value between 8 and 128 characters.

Complexity Requirements

Check any combination of requirements:

  • Require uppercase letter — Password must contain at least one uppercase letter
  • Require lowercase letter — Password must contain at least one lowercase letter
  • Require digit — Password must contain at least one number
  • Require special character — Password must contain at least one special character

Password Expiration

Set the Password expiration (days) field to require periodic password changes. Enter a value between 1 and 365 days, or leave empty to disable password expiration.

When a password expires:

  • The user is shown a Change your password screen on their next sign-in
  • They must set a new password before they can continue
  • The new password must meet the current policy requirements

Saving Changes

Click Save Password Policy to apply your changes.

info

Password policy changes apply to new passwords only. Existing passwords are not affected until users change them or their passwords expire.

Next Steps

API Reference: For programmatic access, see Update Organization.