- Getting started
- Data security and compliance
- Organizations
- Authentication and security
- Allowing or restricting basic authentication
- Local users password complexity requirements
- Licensing
- About licensing
- Unified Pricing: Licensing plan framework
- Activating your Enterprise license
- Migrate from Test Suite to Test Cloud
- License migration
- Assigning licenses to tenants
- Assigning user licenses
- Deallocating user licenses
- Monitoring license allocation
- License overallocation
- Licensing notifications
- User license management
- Tenants and services
- Accounts and roles
- AI Trust Layer
- External applications
- Notifications
- Logging
- Testing in your organization
- Troubleshooting
- Migrating to Test Cloud
Test Cloud admin guide
Basic authentication refers to signing in with the username and password of a local account. The All available methods option (the default) includes basic authentication alongside Google and Microsoft sign-in.
To disable basic authentication, select either Google sign-in or Microsoft sign-in. When you restrict sign-in to a single SSO provider, users without an account in that provider cannot log in.
Setting basic authentication at the organization level
To allow or restrict basic authentication for your organization:
-
Navigate to the Admin section, select Security.
-
Under Sign-in options for local users, select one of the following options:
Option Description All available methods (default) Users can sign in with Google, Microsoft, or a UiPath username and password. Google sign-in Users can only sign in with Google. Sign-in with a UiPath username and password is blocked. Microsoft sign-in Users can only sign in with Microsoft. Sign-in with a UiPath username and password is blocked. -
Select Save to apply your changes.
You can switch back to All available methods at any time to re-enable basic authentication.
Password complexity
Editing the Password complexity settings does not affect existing passwords.
The following table describes the password complexity you need when creating a password:
| Field | Description |
|---|---|
| Special characters | Select to force users to include at least one special character in their password. By default, this checkbox is not selected. |
| Lowercase characters | Select to force users to include at least one lowercase character in their password. By default, this checkbox is selected. |
| Uppercase characters | Select to force users to include at least one uppercase character in their password. By default, this checkbox is not selected. |
| Digits | Select to force users to include at least one digit in their password. By default, this checkbox is selected. |
| Minimum password length | Specify the minimum number of characters a password should contain. By default, it is 8. The length cannot be smaller than 1 or greater than 256 characters. |
| Days before password expiration | Specify the number of days for which the password is available. After this period, the password expires and needs to be changed. The minimum accepted value is 0 (the password never expires), and the maximum is 1000 days. |
| Number of times a password can be reused | The minimum accepted value is 0 (never allow reusing a password), while the maximum is 10. |
| Change password on the first login | If set to Required, users that log in for the first time must change their password before being allowed to access Orchestrator. If set to Not required, users can log in and continue to use the admin-defined password until it expires. |
Account lockout
The following table describes the different account lockout settings:
| Field | Description |
|---|---|
| Enabled or Disabled toggle | If enabled, locks the account for a specific amount of seconds after a specific amount of failed login attempts. This also applies to the password change feature. |
| Account lockout duration | The number of seconds a user needs to wait before being allowed to log in again after exceeding the Consecutive login attempts before lockout. The default value is 5 minutes. The minimum accepted value is 0 (no lockout duration), and the maximum is 2592000 (1 month). |
| Consecutive login attempts before lockout | The number of failed login attempts allowed before the account is locked. The default value is 10 attempts. You can set a value between 2 and 10. |