⏱ 5.5 min read
Admins on Enterprise subscriptions with the corresponding permission enabled can manage advanced security settings in order to control 2-step verification settings, as well as to customize invitation, attachment and password policy settings.
Use invitation settings to:
Use this setting to grant or revoke the right to create new Spaces from regular users.
You can also choose which administrators in the account should have the right to create Spaces by editing their admin permissions.
Limit which external file repositories the team can use and adjust Google Doc share settings. You can allow users to upload files from Box, Dropbox, Google Drive, Local Storage (computers), YouTube, and/or OneDrive.
For files attached from Google Drive, you can also choose: 1) Not to share Google Docs automatically 2) To automatically share files with users with access to the task 3) To automatically share files with users from the same domain.
*Note! If the "Local storage (computers)" option is disabled, users will not have the ability to add images via copy-pasting them into the task description and comments. Images will not be saved after attempts to paste them.
2-step verification provides an extra layer of security to the sign in process: it requires you to enter a time sensitive verification code after you enter your username and password. You can:
Use Network Access Policy settings to add approved IP address and IP subnets. Once you add approved IP addresses (or subnets), users are only able to login and access Wrike from those locations. After login, IP addresses are confirmed every five minutes, so if the IP address has changed to an address that isn't approved, the user is logged out within five minutes.
Even if you specify IP addresses, you can choose to allow mobile users and/or collaborators to login and access Wrike from any IP address.
Please note, if you’re adding an IP subnet then all IP addresses from that subnet are also approved.
Use password strength settings to ensure that passwords meet minimum strength requirements. After password strength settings are turned on, passwords cannot contain: the user’s first name, last name, or their email address. Depending on which password strength you choose (Fair, Good, or Strong) users’ passwords will have to meet additional requirements related to password length and character sets used. The password setting selected affects all regular and external users as well as collaborators.
Click the link “How Password Strength is Measured” on the Password Policies section of the Security tab to see more details regarding password strength setting options.
Select "Not set" if you don't want to set minimum password strength requirements.
Users whose passwords do not meet the new settings: will need to change their passwords the next time they attempt to login or, if they are currently logged in, will be logged out of Wrike and prompted to change their password. When users create a password (or change their existing password) it must meet the specified policy settings.
Use password history settings to specify how often users can reuse their passwords. Adjust settings so that new passwords must be different from the previous: 3, 5, or 10 passwords. The password setting selected affects all regular and external users as well as collaborators.
Select “Allow” if you want users to be able to reuse their passwords.
Password history settings are enforced the next time a user changes their existing password and works retroactively. If a user has used their current password more than the accepted number of times, then they are prompted to change it the next time they log in.
You can require users to change their passwords every 30, 60, or 90 days. The password setting selected affects all regular and external users as well as collaborators.
To require users to change their passwords
Leave the box next to “Force password change” unchecked if you do not want to force users to change their passwords.
Wrike will require users to change their passwords once the specified number of days has passed.