Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunityDoc feedbackLog In
GitHubNuGetDev CommunityDoc feedback


When working with Optimizely <<product-name>>, there are number of options for controlling the specifics related to timeouts and passwords. Some of these options are configurable, while others are not.

## Admin console

### General settings

  • Timeout is set to 15 minutes and is not configurable in order to maintain compliance with PA-DSS.

  • Users who have the role ISC_Admin, ISC_System, or ISC_Integration, the password expires after 90 days (passwords for website users do not expire).

### Password complexity settings

The settings to control password complexity are found in the Startup.Auth.cs file:

// Configure validation logic for passwords

SecurityOptions.PasswordValidatorOptions = new PasswordValidatorOptions



### Website timeout settings

The setting that controls the website timeout for 4.x is found within Startup.Auth.cs.:



The setting that controls the website timeout for 4.x is found within Startup.Auth.cs.