Set password policies for logging into NAVER WORKS and configure rules for multiple incorrect password attempts.

You can set whether to allow other login methods that allow you to log in without entering an ID/password.

1. In the left menu of Admin, select 'Security' to expand the menu, then click 'Account Security' to go to 'Account Security'. On mobile, tap to open the menu.
2. Press on the right for each item to change the settings.
3. Press 'Save' at the top to apply changes.

Password policies

To secure the accounts of members who sign in with a password, you can adjust the settings for password registration, expiration, and incorrect password attempts.

Changing this setting does not log members out of the service.

After changing the settings, when members register a new password, they will create a password according to the new policy.

1. In the left menu of Admin, select 'Security' to expand the menu, then click 'Account Security' to go to 'Account Security'. On mobile, tap to open the menu.
2. You can change the settings by pressing the button on the right for each field.
3. Press 'Save' at the top to apply changes.

The following are the detailed descriptions of each field.

Advanced settings	Option
Password format	Members must generate a password in the format specified by the administrator during the registration process. Require alphanumeric characters: The password must include English letters and numbers. Require alphanumeric and special characters: The password must include English letters, numbers, and special characters. English is case sensitive.
Password length	Set the minimum length of passwords for members to use. The password length, in English standard, can be set from 8 to 20 characters.
Password expiration	Set how long after members set a password to register a new password. Never: As long as the members do not change their password, they can continue to use the existing password. Password expires after 30/60/90/180/365 days: Members with an expired password must register a new password when logging in.
Restrict password reuse	Restrict re-use of recently used passwords. Do not restrict: You can reuse the last password. You cannot use the last 1/2/3/4/5 passwords.
Limit the number of login attempts	Suspend an account with several sign-in attempts with wrong passwords. Members with a suspended account will sign out of all NAVER WORKS services. Members with a suspended account can sign in to NAVER WORKS only after the administrator removes suspension.
Bulk reset passwords	You can reset the passwords of all members at once. Only members with an 'In use' status and a registered password are eligible for a reset. However, Super Admins and members who have not registered their ID/password after signing up using Quick Login will be excluded. Here are two ways to reset. Change now: Resets all members' passwords to the same new password. All members will be forced to log out and log in with a new password. Request to change: Send a password change request to all members. For security reasons, if a member needs to change their password, force the password reset first and then send a change request again.

Login policy

Set up a company-wide login policy for security.

1. In the left menu of Admin, select 'Security' to expand the menu, then click 'Account Security' to go to 'Account Security'. On mobile, tap to open the menu.
2. You can change the settings by pressing the button on the right for each field.
3. Press 'Save' at the top to apply changes.

2-factor authentication

2-factor authentication is an additional authentication step that members go through when logging in to keep their accounts safe.

The administrator can set 2-factor authentication to 'Required - Apply 2-step verification to all members', requiring all members to activate it, or set it to 'Optional – Apply according to members' selection', allowing members to choose whether to activate 2-factor authentication.

• When the 2-factor authentication is enabled, members will receive a one-time authentication number via their personal email addresses or mobile phone numbers (text message) saved in their personal information. However, members who are logging in with their mobile phone numbers for 2-factor authentication can only receive the authentication number via their personal email addresses.
• Each member will check their personal email and mobile phone number registered in their personal information when they activate 2-factor authentication. If you change the email address or mobile phone number in your personal information after enabling the 2-factor authentication, the authentication number will be sent to your new personal email address or mobile phone number.
• If you are using Business Support products including Attendance and Approval, you can set up 2-factor authentication for each service by selecting 'Go to Business Support Settings Two-Factor Authentication'.

Feature	Option
2-step verification	Required: All members must enable the 2-factor authentication. After the settings are changed, members will need to register their 2-factor authentication method the next time they log in. From that point on, they will only be able to log in after completing the 2-factor authentication. Optional Each member can choose to enable or disable the 2-factor authentication. The 2-factor authentication will be enabled at the time of login only for the members who have manually enabled the 2-factor authentication.
Skip 2-step verification on trusted devices	This setting applies only to mobile devices that members have logged in once and then added as trusted devices according to the 'Login with the phone unlock method (FIDO)' feature below. For trusted mobile devices, you do not need to go through 2-factor authentication when logging in to the NAVER WORKS app next time with biometric authentication.

If the 'Organizational Integration > Member' setting has been activated in Developer Console, each member is not allowed to change their personal information. Therefore, they cannot enter the 2-factor authentication.

If this is the case and 2-factor authentication is set to required, members who have not saved their personal email address or mobile phone numbers in personal information cannot log into their account. To prevent this situation, please make sure all members have entered their personal email addresses or mobile phone numbers in advance.

Keep logged in to PC app/Drive Explorer

You can set whether members stay signed in when they sign in to the PC app or Drive Explorer.

If the administrator enables this feature and members use the stay signed in option, they can access the PC app or Drive Explorer without logging in after restarting the app.

Feature

Option

Stay logged in to PC app/Drive Explorer

Allow: All members can use the Keep logged in to PC app/Drive Explorer function. Do not allow: Members can no longer use the stay signed in feature in the PC app or Drive Explorer. A service notification message will be sent to all members about setting changes. All members of the domain including those who have used the stay logged in function must log in again every time. This function setting is not available in Settings. Checking the 'Keep me logged in' checkbox on the PC app log in screen will not keep you logged in.

Limit simultaneous web access

Limit the number of web browsers that can simultaneously access an account.

Feature	Option
Limit simultaneous web access	No limit: Freely use PC Web NAVER WORKS without any restrictions on the number of browsers. 2 browsers/4 browsers

Idle session timeout

Set to automatically log out after a set period of time without any activity.

If you log in again, you can use the service again.

However, when set to 'No limit' on the PC and mobile web, the actual idle session timeout is set to 24 hours and can be extended up to 30 days if you select 'Keep me logged in' when logging in on PC Web.

Feature	Option
PC web/Mobile web	No limit 30 minutes/1 hour/2 hours/4 hours/6 hours/12 hours/24 hours/7 days/14 days/30 days
Mobile app	30 days/180 days/1 year

Login method

You can allow members to log in using the quick login method instead of entering their ID and password.

Log in with phone number

Instead of entering their ID and password, members can log in to NAVER WORKS by receiving a one-time authentication number using their mobile phone number.

First, members can directly verify their mobile phone number once, link their mobile phone number to their NAVER WORKS account, and then log in using this method.

• If you are unable to receive text messages with the registered mobile phone number, you can receive a authentication number through a service notification message.
• Members can link a mobile phone number registered in personal information or link to a new number.
• If you connect the phone number different from the one in your personal information, the connected phone number will only be used for signing in to NAVER WORKS. It will not be displayed or used. (For the lost ID/Password, the mobile phone number in the personal information is used.)

Feature

Option

Login with phone number

Allow: When this feature is enabled, members are allowed to log in by receiving authentication number using their mobile phone number. All members will be notified that this feature is now available. Do not allow: If this feature is disabled, members will no longer be able to log in by receiving authentication number using a mobile phone number. Members who have already set up and used this feature will not be able to use the 'Login with phone number' feature the next time they log in.

Log in with NAVER

Instead of entering their ID and password in NAVER WORKS, members can log in with their personal NAVER ID.

Members can first directly link their NAVER WORKS account and NAVER ID, and then log in using this method.

• The linked NAVER ID is only used for login and is not displayed in NAVER WORKS service.
• Administrators can also disable 'Login with NAVER' settings for specific members for security settings.

Feature	Option
Login with NAVER	Allow: When this feature is enabled, members are allowed to log in with their NAVER ID. All members will be notified that this feature is now available. Do not allow: If this feature is disabled, members will no longer be able to log in with their NAVER ID. Members who have already set up and used this feature will not be able to use the 'Login with NAVER' feature the next time they log in.

Mobile app Quick login

Instead of entering ID and password to sign in to NAVER WORKS, members can log in with the PIN or biometric authentication method saved in the mobile app.

To use this login method, members must set to use Quick login function and then register a PIN.

However, depending on the internal usage conditions, this setting may not be displayed.

Feature	Option
Quick login (Mobile app)	Allow: When this feature is enabled, all members are allowed to activate the mobile app's Quick Login feature. All members will be notified that this feature is now available. Do not allow: When this feature is disabled, members can no longer use the mobile app's Quick Login feature. Members who have been using this function must use a different login method from the next login.

Login with the phone unlock method (FIDO)

Members can log in using the mobile phone unlock method such as biometric authentication set on the device.

First, members can log in this way by registering their device with the NAVER WORKS app as a trusted device, and enabling 'Login with the phone unlock method'.

• If a member logs in to the mobile app by unlocking their phone, 2-factor authentication will not proceed.
• When a member logs in to the PC Web, PC App, or Drive Explorer by unlocking their mobile phone, they can log in by approving the login authentication request on the device by entering their ID or mobile phone number of their trusted device.
  The administrator can set whether to proceed with a 2-factor authentication at this point.
• Administrators can check the device names registered by members for security management and remove specific devices.

Feature

Option

Login with the phone unlock method (FIDO)

Allow: Allow members to log in using this function. All members will be notified that this feature is now available. Do not allow: Restrict members from using this function to log in. All trusted devices will be deleted for members who have already set up this function and will need to log in using a different method from the next login. Members who are already using this function will receive a notification.