• Overview
    Key features
    • Observability
    • Auto-scaling
    • Multiframework
    • Security
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    • PHP
    • Python
    • Node.js
    • Ruby
    • Java
    • Go
  • Industries
    • Consumer Goods
    • Media/Entertainment
    • Higher Education
    • Government
    • Ecommerce
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Login
  • Request a demo
  • Free Trial
Meet Upsun. The new, self-service, fully managed PaaS, powered by Platform.sh.Try it now
Cover image

Improving access and security for your projects

20 April, 2020
Augustin Delaporte
Augustin Delaporte
VP Product

Gain greater control over authentication and mitigation with single sign-on

We trust that you are creating great applications. And we want to help you keep those applications secured. So we are introducing multiple changes to our infrastructure to improve the performance and security of our user management.

We plan to release those changes by April 29th, 2020. You can follow the maintenance window on Platform.sh StatusPage.

To get started, we have designed a more secure and user-friendly log-in application. Existing URLs will automatically redirect you to the new one, so there is no change to make on your existing login workflow.

We are also instituting strong customer authentication. Starting April 29th, Platform.sh will enforce the following password policy for new users and for existing users who choose to change their password:

  • Passwords must be at least 10 characters in length and include one lower case letter, one upper case letter, one number, and one special character.
  • Users can't reuse one of their eight previous passwords.

In addition, we are dropping support for the CLI password login. This has been deprecated for a while in favor of the browser login with platform login or API token login with platform auth:api-token-login.

We are also dropping support for logging in using a username. You will now be required to login with your email address if you are not using an external federated account (like Google, GitHub or Bitbucket).

Finally, we are enabling Single Sign-On (SSO), which allows an organization to use its own identity provider to authenticate their Platform.sh users. It will provide for greater mitigation controls, empowering you to deactivate users and deny project access to those without the proper user credentials.

SSO will be available to our Elite and Enterprise customers. Contact our sales team if you are interested in learning more about this topic.

So keep on creating great applications, and we’ll keep on keeping them safe.

Get the latest Platform.sh news and resources

Related Content

We can’t wait for SBOMs to be demanded by regulation

We can’t wait for SBOMs to be demanded by regulation

AboutSecurity and complianceTrust CenterCareersPressContact us
Thank you for subscribing!
Field required
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceAcceptable Use PolicyManage your cookie preferencesReport a security issue
© 2024 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺