Security Settings for All Knack Plans
Here at Knack, we take the security of your data seriously, whether that be your HIPAA compliant healthcare app that includes protected health information or your soccer logistics app with contact information of all your coaches, parents and players.
This article describes the security settings in Knack which are included in all Knack plans. Our "HIPAA Plan: Security Settings" help article walks through additional security settings for apps on HIPAA plans.
Summary of Settings
Each of these settings are detailed further below.
- Inactivity, Builder: Being inactive for 15 minutes logs you out of the Builder
- Passwords, Builder: No common passwords, minimum of 8 character password
- Failed Logins, Builder: Lockout after 3 failed attempts within a 15 time period, lockout for 15 minutes after the failed attempts, sends user an email when they've been locked out
- Secure Browser, Live App: When an http:// URL is accessed, it automatically redirects to the https:// version.
Inactivity logout provides security measures to automatically log out your users when they are inactive within the Builder.
This setting is always turned on for anyone logging into the Builder and will log you out after 15 minutes of inactivity.
We've also implemented requiring longer and more complex passwords for users logging into the Builder. This helps to protect your app data as it's more difficult to guess a password. This setting is always enabled.
- No common passwords
- Minimum of 8 character password
Failed Logins, Builder
When a user tries to log in to the Builder too many times within a short period of time, they now will be locked out. If your Builder login becomes locked, you'll need to wait either 15 minutes or use the forgot? link to reset your password. This setting is always enabled.
- Lockout after 3 failed attempts within a 5 time period
- Users are locked out for 15 minutes after the above-failed attempts
- Sends sends user an email when they've been locked out
Secure Browser, Live App
This setting for Live App URLs is an option for all existing apps and is enabled by default for new apps. With this setting enabled, if anyone accesses your live app on http://, they'll automatically redirect to the https:// version. This setting is enabled from App Settings > Security tab > Secure Browser section.
Security Settings for HIPAA Plans
Accounts on our HIPAA Plan provides additional levels of security settings required for HIPAA compliant software. We have all of these details outlined in our help article "HIPAA Plan: Security Settings".