We have SAML Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies on all hosting services to ensure protected access.
Safeture uses the PBKDF2 (Password-Based Key Derivation Function 2) function to generate password hashes and enforces a complex password standard (minimum 10 letters, at least one capital letter, at least one lower case letter, and at least one number). This only applies to clients who do not have SSO enabled. Password hashes are not stored in the Safeture database for customers that use SSO.
Two-factor authentication is enabled by default and is enforced on Administrators unless SSO is enabled. The 2FA-code can be provided to the Safeture Mobile Application through push notifications, by e-mail and/or by SMS (default).