We have introduced new and enhanced security measures designed to help safeguard customers’ sensitive information and fight fraudsters.
1. Password policy: from now on, passwords must be 8 or more characters (containing lower case, upper case, numbers, and special characters/symbols). Current passwords will remain untouched
2. User login lockout policy: users will have a limited number of login attempts. After that login attempts will be locked for 30 minutes
3. Users will get the same error message ("Wrong password") irrespective of a wrong email or wrong password being used. This is a security requirements that prevents hacker to know if particular person signed up with ApprovalMax
4. File uploading lockout policy: if a user tries to upload more than 30 files in one minute, the server will refuse any further uploads from this user for 5 minutes
5. Attachment size restriction: 3 Mb max per file
6. File type restrictions: EXE, MSI, CMD, BAT, COM files will fail