To help protect sensitive business and customer data, Gingr follows password security standards aligned with Payment Card Industry (PCI) compliance requirements. These standards are designed to reduce the risk of unauthorized access to your account and ensure secure handling of financial information across the platform.

Strong password policies are a key part of PCI compliance and cybersecurity best practices. By enforcing complexity rules and requiring regular password updates, Gingr helps ensure that your business is operating in a secure, accountable environment - protecting not only your team but also your customers.

This article outlines the current password requirements for all email-based logins in Gingr.

Password Security Requirements

To maintain compliance with PCI standards, Gingr requires all business portal user accounts to meet the following password security requirements:

• Minimum of 12 characters

• At least 1 uppercase letter

• At least 1 lowercase letter

• At least 1 number or 1 special character

Passwords must be updated at least once every 90 days. These requirements apply to all users who log in with an email and password. 

Password Expiration Days

To provide a further level of data security, you can also require that users change their passwords on a regular basis. To do so, you'll set an expiration date for passwords on the Admin > User Account Settings page.

Enter a number of days in this field after which a set password becomes expired. For example, entering 30 in this field will require a new password for each user after 30 days. Upon login on the 30th day, they will be prompted that their password is expired and to set a new one.

 Important:  The Password Expiration Days field can not exceed 90 Days.

Related Resources

• Admin Access Reference
• App Permissions Reference
• Restricting User Access by IP Address How-To
• Deactivate User Accounts How-To