Security
Last updated
Last updated
The token protection helps secure access to your back office by using tokens.
The password policy menu allows you to configure your store's password policy by choosing between 5 increasing levels of complexity. This will allow you to decide how strict you want to be about user passwords.
Passwords are rated from 0 (Extremely guessable) to 4 (Very unguessable) based on their security score. The minimum and maximum length of passwords can be set manually.
When creating an account, front office users receive real-time cues of their chosen password’s strength according to the back office password policy. A color-coded cue – as well as a tooltip – will help them understand if their password is strong enough.
Note: themes must be updated to support this feature. See Your current theme
Cue color | Password length | Password strength |
---|---|---|
🟥 | Not long enough | Not strong enough |
🟧 | Not long enough | Strong |
🟩 | Good | Strong |
An example of a weak password (🟥,🟧) | An example of a strong password (🟩) |
---|---|
These tabs allow you to manage employee and customer sessions. To delete a session and sign out the user, click on the delete button in the Actions column.
To access the back office, the employee or customer will need to sign back in using their email and password.
The Clear button allows you to manually delete outdated sessions to reduce database clutter.