Username and password requirements for SendPro Enterprise

Print this support article
Products affected: SendPro® Enterprise

The following applies only to SendPro Enterprise users of tenants that are configured to use the product's built-in user authentication feature. This policy is overridden when the tenant implements a third-party identity provider (IdP; OIDC). Contact Pitney Bowes if you're unsure of your tenant's configured authentication method.

Following are the user name and password policies enforced in SendPro Enterprise:

User Name

  • Must not contain a space
  • Must not contain special characters

Email Address

  • User account must have an associated valid and verifiable email address
  • Email address must not contain special characters


  • Must be at least 8 characters in length
  • Must not be equal to any of the previous 4 passwords used
  • The minimum age must be 3 days old
  • Passwords expire after 90 days and must be reset
  • Must contain at least one special character
  • Must contain at least one number
  • Must contain at least one upper-case character
  • Must contain at least one lower-case character
  • Must not contain more than 3 repeating characters

Authentication Security

  • User accounts are locked after 5 failed login attempts
  • After locking, user accounts remain so for a minimum of 15 minutes
  • Account reset codes sent via email expire after 10 minutes
  • Session cookies expire after 10 hours requiring re-authentication

UPDATED: May 27, 2021