Customize Your User Profile

swimlane turbine provides flexibility in managing your user profile, allowing you to customize personal settings and manage access tokens, roles, and groups for detailed installation instructions, refer to the https //swimlane com/knowledge center/turbine installer/ completing your profile upon your first login, you'll see the complete your profile screen follow these steps to finalize your profile this action opens the user profile editor , allowing you to upload a profile picture to personalize your account view the account’s most recent activity update general details such as your display name, email, and time zone assign groups & roles to control permissions (admin only) enable or disable user accounts (admin only) changing your password open the password tab and fill in the required fields enter your current password enter a new password and confirm it by re entering password requirements must differ from the current password minimum length 6 characters must meet complexity requirements must match confirmation password complexity algorithm swimlane turbine uses the zxcvbn password strength estimation algorithm to evaluate password complexity this algorithm, developed by dropbox, provides a more secure and user friendly alternative to traditional password composition rules how zxcvbn works the zxcvbn algorithm analyzes passwords through pattern matching and conservative estimation it recognizes and weighs 30,000+ common passwords common names and surnames from us census data popular english words from wikipedia, us television, and movies common patterns including dates repeats (e g , aaa ) sequences (e g , abcd ) keyboard patterns (e g , qwertyuiop ) l33t speak substitutions the algorithm estimates the number of guesses an attacker would need to crack the password and assigns a complexity score from 0 to 4 password complexity scores score description security level 0 too guessable risky password provides minimal protection passwords with this score are easily cracked (estimated guesses < 10³) 1 very guessable protection from throttled online attacks provides basic protection against online attacks with rate limiting (estimated guesses < 10⁶) 2 somewhat guessable protection from unthrottled online attacks provides protection against online attacks without rate limiting (estimated guesses < 10⁸) 3 safely unguessable moderate protection from offline slow hash scenario provides moderate protection against offline attacks using slow hash functions like bcrypt, scrypt, or pbkdf2 (estimated guesses < 10¹⁰) 4 very unguessable strong protection from offline slow hash scenario provides strong protection against offline attacks using slow hash functions (estimated guesses ≥ 10¹⁰) minimum complexity requirement administrators can configure the minimum password complexity score required for user passwords in the account security settings the default minimum complexity score is 0, but administrators can set it to any value from 0 to 4 based on their organization's security requirements benefits of zxcvbn more secure unlike traditional password rules (for example, "must contain uppercase, lowercase, numbers, and symbols"), zxcvbn identifies truly weak passwords that may meet those rules but are still easily guessable more flexible users can create strong passwords using memorable phrases rather than complex character combinations better user experience provides clear feedback about password strength and suggestions for improvement for more information about the zxcvbn algorithm, see the https //github com/dropbox/zxcvbn enabling two factor authentication two factor authentication, or 2fa, adds an additional layer of security to swimlane turbine user accounts each time users sign in, they will need a password and a verification code you can enforce 2fa across your organization users will then be required to set up 2fa and will not be able to disable the setting go to the authentication tab in your profile editor click enable 2fa to enable once you enable, enable two factor authentication window is displayed follow the instructions displayed on the window to setup 2fa to disable 2fa, click disable 2fa creating a personal access token personal access tokens are secure alternatives to passwords when accessing swimlane turbine apis or scripts here's how to create one go to the personal access token tab in your profile editor click generate token the token will appear immediately important copy and save the token securely, as it won’t be shown again once generated, the token is hidden to maintain security assigning groups and roles to manage user permissions and access levels, you can assign groups and roles to a profile navigate to the groups & roles tab select from the available groups and roles, which are predefined by administrators note groups and roles must be set up in advance by an administrator