Redtail's Email Hosting Services provide the following features to increase mailbox security:
2FA with Redtail Email Hosted Accounts
The use of two-factor authentication to prove a user's identity is based on the premise that an unauthorized actor is unlikely to be able to supply both factors required to access an account which utilizes 2FA. If, in an authentication attempt, at least one of the components is missing or incorrect, the user’s identity is not established with sufficient certainty and access to the user's Redtail Webmail account being protected by two-factor authentication remains blocked. For steps on setting this up, click here
Configurable Password Policy
Redtail can customize a password policy to your specifications that requires users to create strong passwords to guard against simple password harvest attacks. Users can be locked out of their accounts if they fail to sign in after the maximum number of attempts configured. The password settings that can be configured are listed below:
Minimum/Maximum password length - Specifies the required length of a password. The default minimum and maximum are 6 and 64 characters, respectively.
Minimum /Maximum password age - Configures the password expiration date. Users can change their passwords at any time between the minimum and maximum. They must change it when the maximum password age is reached.
Password Complexity - Require password to meet defined complexity requirements, such as:
Minimum upper case characters - Upper case A - Z
Minimum lower case characters Lower case a - z
Minimum punctuation symbols - Non-alphanumeric, for example !, $, #, &, %
Minimum numeric characters - Base 10 digits 0 - 9
Minimum number of unique passwords history - Number of unique new passwords that a user must create before an old password can be reused.
Configuring a Login Policy
Set the maximum number of failed login attempts before the account is locked out for the specified lockout time. This type of policy is used to prevent password attacks. When a Login Policy is enabled, the following settings can be configured:
Number of consecutive failed logins allowed - Number of failed login attempts before the account is locked out. The default is 10. If set to 0, the account is never locked out.
Time to lockout the account - Amount of time the account is locked out. If this is set to 0, the account is locked out until the correct password is entered, or the administrator manually changes the account status and creates a new password. The default is 1 hour.
Time window in which the failed logins must occur within to lock the account - Duration of time after which the number of consecutive failed login attempts is cleared from the log. The default is 0, the user can continue attempts to authenticate, no matter how many consecutive failed login attempts have occurred.
Configuring a Session Timeout Policy
Set how long a user session should remain open and when to close a session because the session is inactive.
Auth token lifetime - Sets a browser cookie that contains the ZWC auth token. User can open ZWC without having to log on again until the auth token expires. The default is 2 days. When it expires, the login page is displayed and the user must log in to continue.
Session idle lifetime - How long a user session remains active, if no activity occurs. Activity includes any clickable mouse action, such as viewing folder contents or clicking a button. The default is unlimited.
If you wish to create some custom policies for your domain, please contact Redtail Support at firstname.lastname@example.org
or by calling (800) 206-5030.