What password requirements does Laposta have?

If you have created a Laposta account, or if you get your own login in an existing account, you always create your own password. Laposta has a password policy for this.

A password should have a minimum of 8 and a maximum of 64 characters. Additionally, the password may contain lower and uppercase letters, numbers, and special characters, but it does not have to. In fact, a long password is more secure than a short password with different characters. For instance, the password 'cheese book tree bike' is more secure than 'P@ssword123'.

When creating a new password, Laposta gives feedback to indicate if the password is secure enough. If the password is similar to a widely used password, or if it is too short and using uppercase letters will not help to secure it, Laposta will show a notification immediately. You can only save the password if it is deemed secure enough.

Setting a new password

If you want to, or if you have forgotten your password, you can reset your password yourself. You will receive an email with a link at the email address known to us. The link directs you to a form where you can enter a new password.

We do not require users from our application to periodically set a new password. Nowadays we see that resetting passwords has adverse effects, because it often leads to choosing weaker passwords and the re-use of patterns. Moreover, users appear to write the passwords down, and making it mandatory to set a new password can lead to frustration.

Choose extra security with 2FA

Multiple-factor authentication (or two-factor authentication, 2FA) is a better security measure than periodically requiring a password reset. Laposta offers every user the possibility to set up 2FA, and gives organisations the option to make 2FA mandatory in a Laposta account for all of their users. Read here how to active 2FA in your account.

If you have paid account, you can also implement another custom authentication mode, which is Single Sign-On.