Security Settings

Recollective includes a number of important and security capabilities. Please contact us if you would like to receive a comprehensive review of Recollective's security and privacy related features.

Basic Recommendations

A number of security features can be controlled by site administrators. The two most basic considerations relate to user's passwords. 

We recommend the following best practices:

  • Have participants choose their own passwords or at least force them to change the password provided upon their first visit.
  • Never include passwords in email as emails are sent in plain text and will persist in the participant's inbox for quite some time.

Advanced Security Options

The following security options are also configurable for a site in the Site Administration area under Settings: Account SettingsDue to usability concerns, we don't recommend enabling all security options at once

  • Enforce use of two-factor authentication (by role)
  • Enforce greater password complexity
  • Block re-use of past passwords
  • Reduce the idle time required before a session expires
  • Disable use of Remember Me on login
  • Lock accounts after fewer failed login attempts
  • Notify multiple administrators when accounts get locked
  • Disable automatic login on emailed broadcasts
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.