From the Login Security page (
Note: Your Login Security page view may differ if you have SSO enabled.
Enable MFA by email
Users can log into Qvidian, Qvidian for Office, and web add-ins using multi-factor authentication (MFA) by email. When enabled, a 6-digit PIN is sent via email when a user attempts to log in. The user will then be required to enter that emailed verification code PIN within a set timeframe.
- Select the Enable Multi-Factor Authentication by Email checkbox.
- Enter a timeframe (between 1 and 20 minutes) in which the emailed PIN verification code will expire after being emailed into the Pin Expiration Timeframe (in minutes) field. The default is 5 minutes.
- Click Save.
Caution: Failure to enter the correct PIN or an expired PIN repeatedly, will result in an error message and the user being locked out.
Set up password enforcement
- Select one of the Password Complexity options below:
- None: Select to allow users to enter any type of password with no complexity restrictions or requirements.
- Automatic: Select to apply simple rules for length ad other requirements. For example, enter a password of 5 to 7 characters that includes at least 1 number, 1 special character, 1 capital letter, and 1 lower case letter.
- Password Length: Enter the minimum Number of Characters a user must enter before password is accepted and maximum Number of Characters allowed for a password.
- Minimum Password Categories Required: Enter the minimum Number of Categories that must be used in a password.
- Password Categories: Select the checkboxes of the password categories that must be fulfilled when creating a password: Lowercase (a-z), Uppercase (A-Z), Base 10 digits (0-9), and/or Special Characters (for example, !, #, $, %, etc.).
- Manual: Select to enter a regular expression (regex) rule. For example, enter a password of 5 to 7 characters that includes at least 1 number, 1 special character, 1 capital letter, and 1 lower case letter).
- Password Validation Rule: Enter a regular expression (regex) string to validate passwords.
- Password Requirement Description: Enter a description of the password requirements that will appear on the password entry page.
- Under Prevent Reuse of Last n Passwords, enter the number of previously used passwords that users may not use again. Set this to zero if you don't want to exclude any previous passwords.
- Under Change Password Every n Days, enter the number of days after which users will be forced to change their passwords. Set this to zero if you don't want to force password changes periodically.
- Under Login Attempt Limits, enter the unsuccessful Number of attempts a user is permitted to make, within the attempt window, before being locked out. Set this to zero if you don't want to limit the number of login attempts. Enter the number of Minutes within the attempt window that a user is permitted to attempt logging in before they are locked out.
- (Optional) Enter a regular expression into the Username Validation Rule field.
- (Optional) Enter a regular expression into the User E-mail Address Validation Rule field. The default value to validate email addresses is ^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$, which allows for -----characters (including----) , the @ , and-----.
Tip: To allow email name domains longer than 4 characters, you can change the {2,4} expression to {2,6} so that up to 6 characters would be allowed: ^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,6}|[0-9]{1,3})(\]?)$. If the e-mail needs to be something like name@corp.xyz.worker, then the Regular Expression could be changed to: ^([a-zA-Z0-9_\-\.]+)@corp.xyz.worker.
Caution: Errors in these fields could prevent all users from logging into Upland Qvidian. Please contact Support for assistance before editing a regular expression.
- Click Save.
Reset all user passwords
- Click Reset all Passwords. You are prompted to confirm. On next log in, all users will be prompted to enter a new password.