Password policy
EZLease uses Amazon Web Services (AWS) for all sign-in processes. User accounts require strong passwords, in accordance with security policies. Users can self-service reset their password. Verification uses one-time email verification codes to confirm reset requests. Currently, there is no limitation on reusing prior passwords.
Users can attempt but fail to sign in correctly five times before Amazon Cognito temporarily locks them out. Lockout time starts at one second and increases exponentially, doubling after each subsequent failed attempt, up to about 15 minutes. Amazon Cognito ignore attempts to log in during a temporary lockout period, and these attempts don't initiate a new lockout period. After a user waits 15 minutes, Amazon Cognito resets the temporary lockout.
Password Requirements
Password minimum length: 8 character(s)
- Contains at least 1 number
- Contains at least 1 special character (^ $ * . [ ] { } ( ) ? - " ! @ # % & / \ , > < ' : ; | _ ~ ` + =)
- Contains at least 1 uppercase letter
- Contains at least 1 lowercase letter