Securing your own account
We recommend switching to a strong second factor (e.g., Airlock 2FA) as soon as possible.
Notice
Some functionality is not available until all SaaS administrators in an organization have switched to a secure second factor.
First tenant IAM
When setting up your first tenant, you can click Activate tenant directly on the Getting Started page. This deploys a basic tenant IAM configuration within a few minutes. You can try it out immediately and then enhance the configuration step by step.
Making your tenant IAM more secure
The Getting Started configuration is for demo purposes only. However, security can be increased with the provided configuration options.
For a secure tenant IAMe recommend the following settings:
Configuration step |
Recommendations |
|---|---|
Application >> OIDC App |
When OIDC app is selected, we recommend to use a strong client secret. It should be rotated regularly and not be shared. When compromised or when the stakeholders having access to this secret change, it should be rotated immediately. |
Authentication flow |
Use Passkey, as neither Email OTP nor Password only satisfies todays security standards. |
Authentication flow >> Password security |
Use Enhanced security and activate the Disallow the use of the 100'000 most common passwords checkbox. |