System Security Properties

Last updated: June 29, 2026

Leading2Lean keeps your system both accessible and secure. Password and login settings can be customized to your site's specific security and accessibility requirements — just reach out to the L2L support team with your request.

All authentication is built on industry-standard libraries. Passwords are salted and hashed — never stored in plaintext. Login sessions are encrypted via SSL/TLS 1.2, and all data is protected both in transit and at rest.

System Properties

System properties affect all sites on a particular server.

  • Use l2l.com as the default dispatch dns domain in all user communications: For customers using l2l.com in their SAML/SSO instead of leading2lean.com; this will use l2l.com in scheduled report emails and QR code links. (Links will ask you to login again if your SAML directs to l2l.com without this setting enabled).

  • Disable Login after X Failed Attempts: this setting is entered as a number. It is used to limit the number of login attempts made for a user account 

  • Disable Login for X minutes after Failed Attempts Limit: this setting is entered as a number; it specifies in minutes how long a user account will be disabled when the number of login attempts from that account reaches the value entered for “Disable Login after X Failed Attempts”

  • Users can't use any of their last X recent passwords: this setting is entered as a number; it is used to prevent recycling of passwords tied to user accounts by disallowing the use of any of an account’s X most recent passwords

  • Don't allow common passwords to be used: this setting is entered as a 0 or 1, where 1 signifies “enabled”; when enabled, this setting prevents accounts from setting their passwords to commonly-used password phrases such as 123456, password, 111111111, etc.

  • Passwords must meet at least X of the supported complexity classes (uppercase, lowercase, numeric, non-alphanumeric): this setting is entered as a number between 1 and 4; it is used to specify how complex user account passwords are required to be by specifying how many of the four conditions (use of capital letter, use of lowercase letter, use of number, and use of special character) a password must meet

  • Case Insensitive logins for usernames: this setting is entered as a 0 or 1, where 1 signifies “enabled”; when enabled, this setting does not distinguish between capital and lowercase letters when verifying correctness of a username

  • Disable Password Reset Functionality: this setting is entered as a 0 or 1, where 1 signifies “disabled”; when enabled, this setting allows a “Reset My Password” link to appear on the Leading2Lean login page for a customer site so that users can independently reset their passwords in the system via the username and email address tied to their user account

  • Enable SSOConfig Mode Functionality: this setting is entered as a 0 or 1, where 1 signifies “enabled”; when enabled, this setting allows access to the SSO functionality configuration screen from the Setup page for users set up as IT Manager Administrators or Administrator-Administrators.

  • Enable SAMLConfig Mode Functionality: this setting is entered as a 0 or 1, where 1 signifies “enabled”; this setting allows access to the SAML functionality configuration screen from the Setup page for users set up as IT Manager Administrators or Administrator-Administrators.

Changing Property Values

To modify any of these settings for your site or server, please submit a ticket to L2L support through the support site specifying which properties you would like modified to which values and for which sites, if appropriate. As soon as L2L enacts these changes for your site and/or server, the application of these new requirements is immediate. If user passwords are out of compliance with the newly updated properties, users who are logged into the system at the time of the update will be forced to update their password once they navigate to a point in the system where the equivalent of a digital signature is being captured (for example, clicking the "Dispatch Me" button). Users who were not logged in at the time of the change whose passwords are out of compliance will be prompted to change it upon login.