Password Policy Editor
LeadExec’s password policy editor is designed to give an account control over its users password complexity, length, and expire duration. This is to improve security as well as to force users to confirm to a set password expectation.
The Password Policy editor is located in the General Preferences section of the Settings tab in LeadExec.
Once the policy is implemented in the account, all users across LeadExec, client portals and vendor portal will be forced to update their password if their current password does not meet the requirements set in the Password Policy Editor.
This setting is set to “No” by default and must be configured by an admin to engage the functionality.
Multi-Factor Authentication (MFA)
Multi-factor authentication provides a user with an extra security step to ensure that even if their password is compromised, someone can’t get into their account.
When a user logs into an account that has MFA enabled, the user will be prompted to provide a security code that is delivered via email or SMS. This code lives for 5 minutes to allow the user time to receive the code at their preferred method, if the code is not entered within the 5 minutes the user will need to request a new code. MFA settings must be setup on the user details. If these details are not setup on the user, they will be prompted to contain their administrator and will not be allowed to log in.
Client Web Portal Settings
Open the client details (Clients -> Add/Edit Client -> Web Portal Options) and ensure that there is an Email and Mobile Number setup in the Multi-Factor Authentication section of their details.
Note: The email and phone number under the contact information section will not be used for MFA even if MFA email and phone are not setup. MFA email and/or MFA phone are required for MFA to function properly for a client logging in.
Lead Source Web Portal Settings:
Web Portal User:
Open the lead source details (Lead Sources -> Add/Edit Lead Source -> Contact Information -> Web Portal Login Information) and ensure that there is an Email and Mobile Phone setup under the Multi- Factor Authentication section.
Note: The email and phone number under the contact information section will not be used for MFA even if MFA email and phone are not setup. MFA email and/or MFA phone are required for MFA to function properly for a lead source logging in.