Skip to main content

Set Enterprise Team policies

Your Enterprise Team has been created by Bravura Security staff. It will be managed by you and other Bravura Safe administrators after you have successfully joined the Team.

Review the policies set on the Enterprise Team and alter any necessary policies according to your business best practices. It is advised that on your Enterprise Team, you configure the minimum requirements for user master passwords to meet your company standards.

To configure minimum master password requirements:

  1. Log in to your Bravura Safe account via the web interface.

  2. Click Teams and select your Enterprise Team from the Team drop-down list.

  3. Click the Settings tab.

  4. Select Policies from the SETTINGS menu.

  5. Click Master password requirements.

  6. Select the Turn on box to enable the policy.

  7. Set the minimum requirements for master password strength as desired.

    • Minimum complexity score

    • Minimum length

    • Required characters

  8. Click Save.

Once enabled, users onboarded to this Enterprise Team must adhere to these master password minimum requirements when creating their master passwords for their accounts.

Review the following recommended policies that have already been configured by Bravura Security staff on the Enterprise Team:

  • biometrics icon Require all Enterprise Team members to authenticate to Bravura Safe using OneAuth: If this setting has been enabled it means that two-step login using Bravura OneAuth is enforced for all members, who must install the HYPR app on a trusted mobile device, create a HYPR account/register their device, and use Bravura OneAuth as the first-priority 2FA method when logging in to Bravura Safe.

    Note

    When Bravura OneAuth is configured as the enterprise-level two-factor authentication (2FA) method for Bravura Safe, it is given higher priority over individual-member 2FA methods like email and authenticator app verification (though these can still be used to log in).

  • Require all Enterprise Team members to set up at least one individual two-step login method:

    This policy has been enabled and means that two-factor authentication via email PIN will be automatically required by all users logging in to Bravura Safe for the first time.

    If Bravura OneAuth is configured, two-factor authentication via email PIN can be used as an alternative for subsequent logins.

    Once a user has created a Bravura Safe account, they can add an additional two-factor authentication method using an authenticator app.

  • Allow your Enterprise Team owners/admins to reset member master passwords:

    This setting has been enabled and means that Team owners/admins are granted the ability to reset the master passwords of enrolled members onboarded to the Enterprise Team. When a member's master password is reset by an Enterprise Team owner/admin, the member must change the master password at next login.

    Warning

    Turning OFF the Master password reset policy on the Enterprise Team means users that forget their master password can only recover the password using emergency access if they have that method configured . Otherwise, they will need to delete their Bravura Safe account and be onboarded by the Enterprise Team administrator again. See I forgot my master password for details.

These policies will apply to all users that join the Enterprise Team. For more information on Enterprise Team policies, see Enterprise Team settings and policies.

In this section: