Reset Your Credentials
This article demonstrates best practices for managing your credentials and offers tips to avoid some of the common pitfalls.
SpinUp’s password requirements
Do’s and dont’s when resetting credentials or your API key
Whether your resetting your account password, server passwords, or your API key, here are a few considerations to keep in mind:
Always meet or exceed password requirements for maximum security.
Never send passwords or API keys over email. If email is the only available option, do not send the passwords or keys in plain text.
Do not recycle old passwords.
Do not use passwords that you use elsewhere.
If you use API tokens, know which parts of your application rely on API tokens.
Treat an API key reset as routine maintenance because, if you have automation that uses API tokens, these resets can disrupt your application.
Best practices for managing passwords
Here are some tips and tricks to follow in your day-to-day operations:
Follow a password expiration policy to change passwords on a set cadence to maintain resiliency.
If you use a password manager to store passwords or API keys, ensure that you have two-factor authentication (2FA) enabled for maximum security on that service.
On that topic, it’s a good idea to enable 2FA for any business or personal service you use.
If you haven’t already enabled 2FA on your SpinUp account, here is our article on how to enable 2FA.
While we have you, go ahead and enable 2FA everywhere you can. This is important…we’ll wait! :)