Security
Back office token protection
The token protection helps secure access to your back office by using tokens.
Configure the password policy & password strength indicator
The password policy menu allows you to configure your store's password policy by choosing between 5 increasing levels of complexity. This will allow you to decide how strict you want to be about user passwords.
Passwords are rated from 0 (Extremely guessable) to 4 (Very unguessable) based on their security score. The minimum and maximum length of passwords can be set manually.
When creating an account, front office users receive real-time cues of their chosen password’s strength according to the back office password policy. A color-coded cue – as well as a tooltip – will help them understand if their password is strong enough.
Note: themes must be updated to support this feature. See Your current theme
Cue color | Password length | Password strength |
---|---|---|
🟥 | Not long enough | Not strong enough |
🟧 | Not long enough | Strong |
🟩 | Good | Strong |
An example of a weak password (🟥,🟧) | An example of a strong password (🟩) |
---|---|
Manage employee and customer sessions
These tabs allow you to manage employee and customer sessions. To delete a session and sign out the user, click on the delete button in the Actions column.
To access the back office, the employee or customer will need to sign back in using their email and password.
Clear outdated Sessions
The Clear button allows you to manually delete outdated sessions to reduce database clutter.
Last updated