• Overview
    Frameworks
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Features
    • Observability
    • Auto-scaling
    Solutions
    • Marketing Teams
    • Retail
    • Higher Education
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Contact
  • Login
  • Free Trial
Blog
Cover image

Improving access and security for your projects

newfeaturessecurity
April 20, 2020
Augustin Delaporte
Augustin Delaporte
VP Product

Gain greater control over authentication and mitigation with single sign-on

We trust that you are creating great applications. And we want to help you keep those applications secured. So we are introducing multiple changes to our infrastructure to improve the performance and security of our user management.

We plan to release those changes by April 29th, 2020. You can follow the maintenance window on Platform.sh StatusPage.

To get started, we have designed a more secure and user-friendly log-in application. Existing URLs will automatically redirect you to the new one, so there is no change to make on your existing login workflow.

We are also instituting strong customer authentication. Starting April 29th, Platform.sh will enforce the following password policy for new users and for existing users who choose to change their password:

  • Passwords must be at least 10 characters in length and include one lower case letter, one upper case letter, one number, and one special character.
  • Users can't reuse one of their eight previous passwords.

In addition, we are dropping support for the CLI password login. This has been deprecated for a while in favor of the browser login with platform login or API token login with platform auth:api-token-login.

We are also dropping support for logging in using a username. You will now be required to login with your email address if you are not using an external federated account (like Google, GitHub or Bitbucket).

Finally, we are enabling Single Sign-On (SSO), which allows an organization to use its own identity provider to authenticate their Platform.sh users. It will provide for greater mitigation controls, empowering you to deactivate users and deny project access to those without the proper user credentials.

SSO will be available to our Elite and Enterprise customers. Contact our sales team if you are interested in learning more about this topic.

So keep on creating great applications, and we’ll keep on keeping them safe.

Get the latest Platform.sh news and resources
Subscribe

Related Content

Don’t be held to ransom: Security awareness with Platform.sh

Don’t be held to ransom: Security awareness with Platform.sh

Company
AboutSecurity and complianceTrust CenterBoard and investorsCareersPressContact us
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceManage your cookie preferencesReport a security issue
© 2022 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺