Security Settings
Configure organization security policies
Protect your organization with security settings and policies.
Accessing Security Settings
Navigate to Settings → Organization → Security.
Two-Factor Authentication (2FA)
Enforcing 2FA
Require all members to use two-factor authentication:
- Go to Settings → Organization → Security
- Enable Require Two-Factor Authentication
- Set grace period for existing users (optional)
- Click Save
2FA Methods
Supported methods:
- Authenticator App — Google Authenticator, Authy, etc.
- SMS — Text message codes (if enabled)
User Setup
When 2FA is enforced, users must:
- Download an authenticator app
- Scan the QR code
- Enter verification code
- Save backup codes
Session Management
Session Timeout
Configure how long sessions remain active:
- Short (1 hour) — High security
- Medium (8 hours) — Balanced
- Long (30 days) — Convenience
Active Sessions
Users can view and revoke their active sessions in Account Settings → Security.
Password Policies
Recommended password requirements:
- Minimum 8 characters
- Mix of letters, numbers, symbols
- No common passwords
- Regular password changes (optional)
Audit Logging
Track security-related events:
- Login attempts
- Permission changes
- Settings modifications
- Data exports
Best Practices
- Enable 2FA for all users
- Use strong password requirements
- Review audit logs regularly
- Train users on security awareness
- Keep integrations and access tokens secure