Security & Multi-Factor Authentication
Configure MFA, manage backup codes, and understand account security features.
Setting Up MFA
Multi-factor authentication adds a second layer of protection to your account. Standardise supports Time-based One-Time Passwords (TOTP) using any standard authenticator app such as Google Authenticator, Authy, or 1Password.
- Navigate to Settings > Security.
- Click Enable MFA to display a QR code.
- Scan the QR code with your authenticator app, or enter the secret key manually.
- Enter the 6-digit code from your authenticator to verify and activate MFA.
Once enabled, you will be prompted for a TOTP code on every login after entering your email and password.
Backup Codes
When you enable MFA, Standardise generates a set of one-time backup codes. Each code can only be used once and serves as an emergency method to access your account if you lose your authenticator device.
- Store your backup codes in a secure location such as a password manager or a printed copy in a safe.
- Each code is single-use. Once used, it cannot be reused.
- If you run out of backup codes, disable and re-enable MFA to generate a fresh set.
Account Lockout
To protect against brute-force attacks, accounts are automatically locked after 5 consecutive failed login attempts. Once locked, the account owner must wait for the lockout period to expire or contact an organisation admin for assistance.
Password Requirements
Passwords are hashed using PBKDF2 with SHA-512, 100,000 iterations, and a random 16-byte salt. Standardise never stores plaintext passwords. Choose a strong, unique password that you do not reuse across other services.
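The scheme described above, as an added example (not Standardise's own code), using Python's standard library with the parameters stated on this page. The 64-byte derived-key length, the `$`-separated record format and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Parameters as stated on this page.
ALGORITHM = "sha512"
ITERATIONS = 100_000
SALT_BYTES = 16
# Assumption: the derived-key length is not stated on the page;
# 64 bytes matches the SHA-512 output size.
DK_BYTES = 64


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a storable record: pbkdf2_sha512$iterations$salt$hash (assumed format)."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    dk = hashlib.pbkdf2_hmac(ALGORITHM, password.encode("utf-8"), salt, ITERATIONS, DK_BYTES)
    return "$".join([
        "pbkdf2_sha512",
        str(ITERATIONS),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    ])


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash from the stored salt and iteration count, then compare."""
    try:
        scheme, iterations, salt_b64, dk_b64 = record.split("$")
        if scheme != "pbkdf2_sha512":
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(dk_b64, validate=True)
        candidate = hashlib.pbkdf2_hmac(
            ALGORITHM, password.encode("utf-8"), salt, int(iterations), len(expected)
        )
    except (ValueError, TypeError, OverflowError):
        return False  # malformed record: fail closed
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected)
```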
Session Management
Sessions last for 30 days with a daily token refresh. If you do not access the platform for 30 days, you will be signed out automatically and need to log in again. For shared or public devices, always sign out manually when you are finished.