Well configured remote access solutions, like LogMeIn, increase productivity with no adverse impact on network security. As we continue to advance our security features, we are committed to ensuring the ease-of-use for users combined with components that promote secure, safe, and wise use of our products.
According to recent research, security concerns are the number one roadblock for businesses moving to the cloud. Taking the appropriate steps to secure your business is often simple –but 55% of businesses do not require two-step verification to ensure that extra layer of security and authentication. Further, over half of businesses rely on either in-app prompts to direct users on updates and password strength or rely on employees to establish password strength and change passwords on their own.
With this in mind, we are excited to announce several new advancements to our Login Policy features that add additional security to prevent unauthorized access to your LogMeIn account and offer several verification options for end-users to gain instant access so that they are better equipped to be productive from anywhere. This is particularly important for those companies in regulated industries that require HIPAA and PCI compliance.
What’s new with Login Policy?
Two new options are available for Password strength: ‘Standard’ and ‘Strong’. Applying a “Strong” password policy will force users to create a robust, secure password meeting the following requirements.
- Seven characters or more
- Made of capital letters, lowercase letters, and numbers
- Required change every 90 days
- Does not match user’s LogMeIn ID
- Does not match the LogMeIn ID or any of the user’s four most recent passwords
Your users will be affected at their next login after the feature has been enabled. If users have a password that does not meet the requirements, they will be forced to change their password.
Forced Two-Factor Authentication
Two-factor authentication adds a second layer of protection to your LogMeIn account. Now, administrators can require this feature for all users. This added security process prompts users to enter a one-time security code with their password whenever they sign in. Users have the opportunity to set this up from either a mobile authenticator app or via SMS text message. Additionally – if the primary method is unavailable, users will be able to request a code via a backup.
All methods of two-factor are available for use. Users can use:
- Security Codes via SMS
- Google Authenticator (or Android/Windows equivalent)
- Emailed Security Codes
- LogMeIn Authenticator App – NEW
LogMeIn Authentication App
To make our end users experience as fast and simple as possible, we now have our own LogMeIn Authenticator app which can be used to simplify the second factor authentication to a single gesture.
The LogMeIn Authentication App is a dedicated two-step verification tool for use with LogMeIn accounts. Using LogMeIn Authenticator, users can verify their identity by tapping the notification that they receive when attempting to sign in to their LogMeIn account. The app will also generate security codes as a secondary verification solution when your phone is offline.
For a detailed overview of these Login Policy enhancements, check out our online guide for updates on Password Strength and Two-Step Verification or login now. Also download the LogMeIn Authentication App today!
 Edge Strategies and LogMeIn
 Ponemon Research and LogMeIn
 ESG Research
 When used and configured properly, the technical security features employed by LogMeIn assist companies with their HIPAA and PCI compliance requirements. In combination with User Access through Group/Computer permissions, LogMeIn allows you to get HIPAA and PCI ready.
 Please note it will not work with external sites/apps.