Set OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

Watch

Save as PDF

Share this page

Feedback

HomeYokohama Platform securityPlatform SecurityHardening settingsAuthenticationSet OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

Table of Contents

Set OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

Release version:
Yokohama
Xanadu
Washington DC
Vancouver
UpdatedJan 30, 2025
1 minute read

Yokohama
Platform Security

Set OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

Control the time duration of the link in the password reset email.

This property makes the link in the password reset email expire after the number of hours specified in the property passed. The validity time of a password reset token should be kept as short as possible while not disrupting normal user experience.

More information

Search:


Attribute	Description
Configuration name	glide.pwd_reset.onetime.token.validity
Configuration type	System Properties (/sys_properties_list.do)
Data type	integer
Recommended value	12
Default value	12
Category	Authentication
Security risk	Severity score: 5.6 CVSS score: Medium Security risk details: Having a long validity time for the password reset token increases the chance of a bad actor performing an account takeover.
Dependencies and prerequisites	None

Yokohama Platform security

Filters

Versions

Products

Set OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

Table of contents

Set OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

Set OTP lifetime for password reset to 12 hours or less [Updated in Security Center 2.0]

More information

On this page

Log in to get a better experience

Please let us know how to improve this content

Save as PDF

Please let us know how to improve this content