Authentication settings
You can use different authentication methods for your organization depending on your needs. You can also reset your authentication settings as necessary.
Password policy
For users on the Command Platform, you can select a default password policy or create a custom one.
Default password policy
The default Command Platform password policy requires that all passwords meet these formatting rules:
- Minimum of 8 characters
- At least 1 uppercase (A-Z) character
- At least 1 lowercase (a-z) character
- At least 1 number (0-9)
- Must not contain any part of the user's Rapid7 account email address
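The following Python check applies the default formatting rules above to candidate passwords, for example when pre-validating passwords in a provisioning script. It is an added example, not Rapid7 code or the platform's own validation logic. The function names, the `min_length` parameter, and the reading of "any part" of the email address as any alphanumeric token of at least 3 characters are assumptions made for illustration.

```python
import re

# Assumption: "any part" of the email is read as any alphanumeric token of the
# address (local part and domain labels) at least MIN_TOKEN_LEN characters long.
# The platform's exact matching rule is not documented on this page.
MIN_TOKEN_LEN = 3


def email_tokens(email):
    """Split an address into lowercase alphanumeric tokens worth checking."""
    tokens = re.split(r"[^a-z0-9]+", email.lower())
    return {t for t in tokens if len(t) >= MIN_TOKEN_LEN}


def policy_violations(password, email, min_length=8):
    """Return the names of the rules the password fails (empty list = pass)."""
    violations = []
    if len(password) < min_length:
        violations.append("min_length")
    if not re.search(r"[A-Z]", password):
        violations.append("uppercase")
    if not re.search(r"[a-z]", password):
        violations.append("lowercase")
    if not re.search(r"[0-9]", password):
        violations.append("number")
    # Case-insensitive substring match against each token of the address.
    lowered = password.lower()
    if any(tok in lowered for tok in email_tokens(email)):
        violations.append("contains_email_part")
    return violations


if __name__ == "__main__":
    # Constructed sample inputs, not real accounts or passwords.
    email = "jane.doe@example.com"
    samples = ["Tr1vial", "correcthorsebattery", "Jane2024Secure",
               "Example9Pass", "V7qLmR2xWz"]
    for candidate in samples:
        print(candidate, policy_violations(candidate, email) or "OK")
```

Passing `min_length=12` or `min_length=16` models the custom minimum-length options; password history and expiry depend on server-side state and are not covered here.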
Options for custom password policies
If you prefer to enforce a custom password policy for your Command Platform users, these configuration options are available:
- Minimum password length:
  - 12 characters
  - 16 characters
- New passwords cannot be the same as the user's previous...
  - 5 passwords
  - 12 passwords
  - Do not enforce this
- Passwords expire after...
  - 90 days
  - 365 days
  - Never
Reset authentication
If a user loses access to their multi-factor authentication (MFA) application or device, forgets their password, or cannot sign in through single sign-on (SSO), a Platform Administrator can do the following:
- From the left menu of the Platform Home page, click the Administration link.
- In the left menu of the Administration page, click User Management.
- Search for the user from the Users table.
- Click the pencil icon to edit their profile.
- Click the Reset link in the upper right corner.
You will see a confirmation banner indicating that the MFA has been reset. The user will receive an email with further instructions on reconfiguring their MFA options.