Keeping your account secure and data protected is a growing concern in today’s era. For a good experience with HackerRank, we recommend you to follow some of the best practice guidelines.
Why is this important:
Security compliance is of utmost importance across all organizations and failure to do the same might lead to data loss and business risk. Here are some of the key reasons why maintaining compliance with IT regulations is important for organizations.
- Enhancing Security
- Reducing Data Loss
- Building Trust among all stakeholders
Keeping in line with the security compliance measures of companies, HackerRank has come up with a number of best practice measures that can help you enhance the security of your HackerRank for Work account.
Create a strong password for your account
We recommend using a strong password for your new HackerRank account. Some key points to remember while setting up your account password:
- Use a combination of alphanumeric characters in your password
- Ensure to maintain a minimum of 8 characters while setting your password
- Use at least one uppercase letter, one lowercase letter and one digit in your password
Keep your account credentials private
Sharing user account credentials with fellow team members might raise a question on data security.
Keeping this in mind, HackerRank has introduced a new feature that adds an extra layer of security to your HackerRank for Work account.
With this feature, if you try to login to your HRW account while the same remains active in multiple other devices or browsers, you will receive a warning message prompting you to either cancel this log in or log out from the existing sessions.
If you choose to continue with the new login, you will automatically be logged out of existing sessions and logged into the current one.
We have started to roll out this feature to customers and will soon make it live to your organization. You can request this feature for your account at firstname.lastname@example.org if you need it on priority.
Note: This is a mandatory authentication check that the system performs and it cannot be turned off. Consider changing your account password if you see the message again and again.
Inactive Session Timeout
As an enterprise organization that is particular about compliance and security, you might want to ensure the security of your data by implementing a strict session inactivity timeout limit.
As a company admin of the HackerRank for Work account of your organization, you can set a threshold, beyond which, if any session within your organization is inactive, then the same will be automatically logged out. Follow the below steps to set session timeout in your HackerRank for Work account.
- Login to your HackerRank for Work account.
- Click Settings from the top right dropdown of your account.
- From the left-hand panel of your Account Settings page, click on the Compliance & Security option.
- Scroll down to the Timeout Inactive Session section.
- Tick the “Enable timeout for inactive sessions” checkbox and set the inactivity time limit for your organization. Any session, that stays beyond this set threshold, will get automatically logged out of the network.
- You can set any time limit between 15 mins to 24 hours as the threshold for inactive session timeout.
Note: This setting is available to Company Admins only. And, if you do not wish to set an inactivity timeout limit for your organization, then, any inactive session within your organization will automatically get logged out after 24 hours.
- Users will get below the message on their screen if they stay inactive beyond the threshold value set by the company admin.
- On clicking on the Login button, users will be redirected back to the Account login page. Please note that any unsaved progress in the previous session will be lost if the session goes inactive and the same user or other any other user logs in after that.
Note: While setting up the inactivity time limit ensure to maintain a balance between usability and security so that your team members can comfortably carry out their activities within the application, without their sessions frequently expiring. We recommend setting 30 mins as the threshold value.
Close your account once work is over
Another good practice to ensure data security is to close your session when work is over. After making any change always save your work and once your work is over, logout from your account. This reduces the chance of other entities(authorized or unauthorized) accessing your system or losing important data.