Security Settings

Security Settings

Last update: 26.02.2024

Password expiration date 

To set a password expiration date: 
1. In the administrative panel, go to Security settings, then select the Password expiration subsection. 

2. Tick the checkbox enabled

By default, the system will set the expiration date to 90 days; after this time, you need to change the password. 

However, you can select your own expiration date. 

Password protection against brute force attacks 
To set protection against brute force attacks, go to the Security settings section, then to the Brute Force Attack Prevention subsection. 

Set the required parameters and click Save

Use CAPTCHA – Use captcha — enable/disable 

(Time) Interval_for_check — the duration for which a person is blocked from the system (specified number = in seconds). The system will register the number of attempts and increase blocking time with each attempt.  Default value: 21600 sec. After the specified time has elapsed, the number of attempts and blocking time for the user are updated. 

 
ATTEMPT — The number of unsuccessful login attempts, after which user’s account is blocked.  

  • First by DELAY_SECONDS,  
  • Each additional incorrect attempt will increase the time by the number set in “DELAY_SECONDS_FOR_EXTRA_ATTEMPT.” You can enter an integer from 1 to 99 in the field. 

DELAY_SECONDS is the length of time a user will be blocked from the login page when the user exceeds the allowed ATTEMPT (specified number = in seconds). The default value is 60.  

Afterwards, the time between attempts is delayed by 5 seconds:  

  •  On the 6th attempt, the time increases to 15 seconds 
  •  On the 7th attempt, the time increases to 20 seconds. 

 
DELAY_SECONDS_FOR_EXTRA_ATTEMPT — Blocking interval.  

If after the first login lockout, the user continues to enter incorrect data: the lockout time increases from the previous lockout time by the amount specified in the lockout interval (specified number = in seconds). Default value: 0 
captcha_invalid_authorizations — the number of incorrect login attempts N, after which the user is shown the Captcha test. 

It is possible to add a rule with a different number of attempts and set the blocking time and interval by clicking Delay for the attempt number. 

    • Related Articles

    • Importing and Exporting Workspace Settings

      Last update: 04.06.2025 An administrator can save workspace settings as a JSON file (create a backup) and, if necessary, apply the saved settings to the workspace. Saving workspace settings does not save content (assets and their metadata). If you ...

    • Notification Settings

      Last update: 02.06.2025 A user can configure the time and method for receiving notifications about comments and changes to assets and collections. These settings are individual for each user. To view current settings and change them, go to User ...

    • Password Policies

      Last update: 26.02.2024 Picvario has a new password settings. To set the criteria for passwords > go to the administration panel > the Security section > Password Policy subsection. The Password Policy section contains seven criteria for creating a ...

    • Picvario Integration with Amazon S3

      Last update: 24.03.2023 Follow the link to learn more about the possibilities and benefits of the integration of the Picvario system with S3 cloud storage and find instructions for setting up Amazon S3 storage. To set up other cloud storage ...

    • How to Integrate Picvario with External Repositories

      Last update: 21.02.2024 There are a few ways to import assets. It is possible to do it not only through the web interface, but also directly, from external repositories, and then manage them both from repositories and from Picvario. Any connected ...