Best practices to protect your organization¶
We recommend the following best practices to protect your organization in the production environment:
-
Strong authentication for Asgardeo administrators
It is recommended to enable strong authentication for administrators with access to your admin console. This can be done by users' preference only. Administrators can enable multi-factor authentication for their asgardeo account. Learn more
-
Enable account locking upon failed login attempts
Protect your organization from password brute-force attacks by locking the affected user accounts. Learn more
Note
Make sure you have branded the account locking and account unlocked email templates according to your organization's theme.
-
Enable multi-factor authentication for business applications
MFA provides an additional layer of security to the resources of the organization. If one factor is compromised or broken, an attacker still has at least one more barrier to breach before successfully breaking into the resource. Learn more
-
Prevent using undocumented features
You should not use undocumented features without confirming with the product team.