We have introduced new and enhanced security measures designed to help safeguard customers’ sensitive information and fight fraudsters:
Strong password policy: from now on, passwords must have 8 or more characters (containing lower case, upper case, numbers, and special characters/symbols). Current passwords will remain untouched.
User Login Lockout policy: users now have a limited number of login attempts. If these have been used up, the user will be locked out for 30 minutes.
Users will get the same error message ("Wrong password") irrespective of whether a wrong email address or wrong password has been used. This is a security measurement that prevents hackers from finding out whether a particular person has signed up with ApprovalMax.
File Uploading Lockout policy: if a user tries to upload more than 30 files in one minute, the server will refuse any further uploads from this user for 5 minutes.
There is now a size restriction of 3 MB max per attached file.
There are now file type restrictions: the upload of .EXE, .MSI, .CMD, .BAT, .COM files will fail.