UpGuard's password requirements

UpGuard requires unique and complex passwords for user accounts.

Written by Caitlin Postal

To protect your credentials and subsequent access to sensitive data, you can use a strong password that is hard to break. Weak passwords are easy to crack with brute force methods, whereas a complex password makes it much more difficult to determine.

UpGuard requires a level of complexity for user passwords. In addition to requiring complex passwords, UpGuard provides attack protection for user passwords. When we detect password threat behaviors, we take action to minimize exploitation:

  • When we detect a high number of login attempts from one IP address that targets many different accounts, we limit traffic from that IP address.

  • When we detect more than 10 failed password attempts sequentially, we lock the user account.

  • When we identify compromised passwords for other third-party services that have been published on the dark web, we provide breach disclosures in the Incidents & News feed. If your organization's users are impacted, we notify you within the Identity Breaches module.

This article includes information on creating a unique password within UpGuard's password requirements, as well as how to use single sign-on (SSO) and multi-factor authentication (MFA).

Your password for UpGuard must be at least eight characters and contain at least three of the following four types of characters:

  • Lowercase letters (such as a, b, c, and so on)

  • Uppercase letters (such as D, F, E, and so on)

  • Numbers (such as 1, 2, 3, and so on)

  • Special characters (such as !, #, $, and more)

For additional guidance on creating strong passwords, read our Password Security Checklist.

To change your password, you can request a password reset. Select your account in the sidebar navigation menu and navigate to your Profile from the options list. Use the button on the User Settings page.

Using single sign-on (SSO)

Single sign-on (SSO) enables users to use a single set of credentials to access the apps and services they need.

To enable SSO, an administrator for your account can contact UpGuard's support team by emailing support@upguard.com or using the chat widget in UpGuard. UpGuard supports SSO for any Identity Provider (IdP) using Security Assertion Markup Language (SAML) 2.0. For all other identity providers, contact us to understand what is needed to integrate with your tool of choice.

If the administrator for your organization's use of UpGuard has enabled SSO, all new users must be added to the SSO provider group with the requisite email domain.

SSO is often paired with multi-factor authentication (MFA), which requires multiple types of verification to gain access (such as the SSO login and an authentication app).

Using multi-factor authentication (MFA)

Administrators can enable multi-factor authentication on the User Settings page. Your organization can have MFA enabled whether or not you also use SSO.


If you need to change devices or reset your MFA settings, please reach out to our Customer Success team.

See Also