Manage authentication settings

Select authentication levels

All accounts include a lockout mechanism. If the system detects a quick succession of multiple failed login attempts, the user account is temporarily unavailable to prevent brute force attacks.

To specify a password policy, do the following:

Enable 2-step verification

To strengthen the security in their Adobe accounts, your users can set up 2-step verification. Once set up, your users require a verification code to sign in to their Adobe accounts before they enter their Adobe account passwords. This setup is done by each user in their Adobe account. Adobe users can normally turn 2-step verification on and off on depending on their security preferences.

As an admin, you have the option to enforce two-step verification. This ensures that users then do not have the options to turn it off.

When you turn on 2-step verification, the users in your organization will receive an email.

• After you've set up 2-step verification, the first time a user signs in, Adobe requires the collection of their phone number. This ensures that the user can recover their account in case they've lost the password.
• This policy will prevent users who have already set up 2-step verification from taking any action but from un-enrolling.
  
• Users who have not set up 2-step verification will be required to enroll in this service the next time they sign into their Adobe account. Refer your users to enroll in the Admin-initiated two-step verification.

Manage social login policy

As a teams or enterprise admin, select the social login providers you want to allow for users in your organization. Existing Adobe ID users who log in with a disabled social provider will be forced to set a password on their next login. When disabled, we'll notify all your users via email.

Go to Admin Console Authentication settings and select the social options you want to allow for your users. Then Save.

If a user attempts to sign-in via a social login that you've disabled, we notify the user about its unavailability. We then prompt the user to create a password for their Adobe ID or Enterprise ID. Then, the user will sign in using these credentials.

Manage IP-based access

IP-based access empowers you to restrict your users from using their assigned apps and services from random public IP addresses. You can add selected public IP addresses to the Allowed IP addresses list in the Authentication settings section.

Once IP-based access is enabled, users don't face any forced logouts. However, users cannot sign in or switch profiles from outside allowed public IPs, and the restricted profile is disabled. Learn how to limit product access by IP addresses to enhance your organization's security.

Manage advanced settings

To control how long your users remain authenticated in Adobe apps, use the following Advanced settings:

• Max session life: Users need to reauthenticate after the duration you specify. The session life is effective on all user sessions of Adobe apps across devices.
  
• Max idle time: Adobe will automatically sign out users who do not interact with the account for a period more than the idle time that you specify. The idle time affects the following Adobe Web Applications:
  • Creative Cloud Web
  • Adobe Experience Cloud
  • Adobe Express
  • Adobe Stock
  • Adobe Color
  • Adobe Font
  • Creative Cloud Assets
  • Behance/Portofolio
  • Acrobat.com

Join the conversation