Skip to main content

I am looking for the best practices for creating a login policy/password policy for our DocuSign end users.

In a DocuSign support article, it states: The DocuSign system allows users a set number of log-in attempts with an incorrect password. For account security, if a user enters the wrong password too many times, the system locks the user out temporarily. Users can attempt to log in again after a brief waiting period.

What is the number of log-in attempts before the system locks the user? What is the waiting period? Can these be altered by our account admins?

Additionally, I am trying to figure out information on when two-factor authentication happens. Can account admins make this a feature for unrecognized devices, or is it an automatic system setting?

Hello,

Thank you for reaching out here in the DocuSign Community.

For security reasons we cannot disclose the number of attempts set by default however, the account Admin may request to set a custom number of failed login attempts before the lockout, for that, they will need to create a case with support.

 The waiting period should be around 30 minutes without logging attempts.

The Admin can change specific requirements to set passwords and as I mentioned before, they can request to set a custom number of failed login attempts, please see Password Security, for more information.

The two-factor authentication is set by the user, not the admin, if the admin needs to be in charge of this a Single Sign-on must be set in the account.

Please let us know if you need further assistance with anything else and click "Select as Best" below if you find the answer a valid solution to your issue!

You can create a case at https://support.docusign.com/en/contactSupport and a Support agent will contact you, If you are not able to open the case on the same page, you should scroll down to More Support Options and select "I can't reset my password or don't have an account." you will have the option of filling out the form or calling Support.

  

Best regards,

Christopher | DocuSign Community Moderator

Reply


Code of Conduct