User Security Setup Preferences

The settings described in this document are maintained on the Security Preferences screen.

1. Navigate to User Security > Security Preferences to view or update these options.

Password Policy

By default, Acumatica enforces standard user password requirements.  Passwords cannot be left blank.

1. The default password policy requires:
   1. A length of 8 characters
   2. At least three of the following character types:

• • • Lowercase letters
    • Uppercase letters
    • Numbers or special characters

Password requirements can be modified at the site level using the Security Preferences screen, if needed.

 Two Factor Authentication

 Acumatica supports out-of-the-box two-factor authentication using the following methods:

• Acumatica App installed on the user’s mobile device.
• One-time passcode sent via email
• One-time passcode sent via SMS text message.

If two-factor authentication is required, refer to the Firefly documentation specific to the selected authentication method.

Additional security options include:

• IP Address restrictions, which can be configured at the individual user level.

 Single Sign-On (SSO)

 Acumatica supports single sign-on (SSO) using OpenID identity providers, such as:

• Azure Active Directory
• Google
• Microsoft
• OneLogin
• Okta

 NOTE: SSO requires the “Advanced Multi-Factor Authentication” module to be added to the license and enabled.

 Account Lockout Policy

 Acumatica includes a default account lockout policy to protect against unauthorized access attempts.

• The standard lockout settings are enabled by default.
• Lockout thresholds and behavior can be adjusted on the Security Preferences screen, if required.