Username and password requirements for SendPro Enterprise
These username and password requirements apply only to SendPro Enterprise users of tenants that are configured to use the product's built-in user authentication feature.
Products affected: SendPro® Enterprise
The following applies only to SendPro Enterprise users of tenants that are configured to use the product's built-in user authentication feature. This policy is overridden when the tenant implements a third-party identity provider (IdP; OIDC). Contact Pitney Bowes if you're unsure of your tenant's configured authentication method.
Following are the user name and password policies enforced in SendPro Enterprise:
User Name
- Must not contain a space
- Must not contain special characters
Email Address
- User account must have an associated valid and verifiable email address
- Email address must not contain special characters
Password
- Must be at least 12 characters in length
- Must not be equal to any of the previous 4 passwords used
- The minimum age must be 3 days old
- Passwords expire after 90 days and must be reset
- Must contain at least one special character
- Must contain at least one number
- Must contain at least one upper-case character
- Must contain at least one lower-case character
- Must not contain more than 3 repeating characters
Authentication Security
- User accounts are locked after 5 failed login attempts
- After locking, user accounts remain so for a minimum of 15 minutes
- Account reset codes sent via email expire after 10 minutes
- Session cookies expire after 10 hours requiring re-authentication
UPDATED: November 18, 2024