Articles on: Settings

Security best practices

Protecting financial data and user access is a top priority at DPO. Follow the best practices below to keep your account secure.



Protecting Your DPO Account


Enable MFA

Use two-step verification to add an extra layer of security to your login.


Manage Passwords

Update passwords regularly and use strong credentials.


Set Password Policies

Enforce book-level security rules to strengthen access control across your organization.



Enable Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) adds an additional layer of protection to your account. With MFA enabled, you must verify your identity using a second factor (such as a mobile authentication app) in addition to your password.


Why MFA is important:


  • Protects against stolen or leaked passwords
  • Prevents unauthorized account access
  • Reduces risk of phishing attacks


To enable MFA:


  1. Go to Account Settings
  2. Navigate to MFA
  3. Activate Multi-Factor Authentication
  4. Follow the setup instructions

We strongly recommend enabling MFA for all users, especially administrators and approvers


Administrators can also enforce MFA at Book level under: Admin → Password Policy


Note: Each user must still activate MFA individually in their profile.





Use Strong, Unique Passwords

Your password is your first line of defense.


We recommend creating passwords that:


  1. Contain at least 12 characters
  2. Include uppercase and lowercase letters
  3. Include numbers and special characters
  4. Are not reused across other services
  5. Do not contain personal information or company names


Avoid simple passwords such as:


  • Simple passwords like Password123
  • Company name + year
  • Reused passwords from other systems


Strong passwords significantly reduce the risk of unauthorized access.


Change Passwords Regularly

Regular password updates help reduce the risk of long-term exposure.


We recommend changing passwords:


  1. Periodically based on your company’s internal security policy
  2. Immediately if suspicious activity is detected
  3. After any known credential exposure


To change your password:


  1. Go to Account Settings
  2. Enter your Current and your new secure password
  3. Confirm your new password
  4. Click Save to apply the changes






Configure a Custom Password Policy

Administrators should configure a password policy to strengthen account security and protect financial data.


  1. Go to Admin → Password Policy.




  1. Enable Require MFA to enforce multi-factor authentication for your Book.

(Each user must activate MFA individually in their Profile.)





  1. Define password requirements for User and Administrator roles
  2. Set minimum length, complexity, and expiration period





  1. Use Advanced Settings to require special characters, uppercase/lowercase letters, or numbers.





  1. Add banned words to prevent weak or predictable passwords (e.g., company name or common terms).



Recommended policy guidelines:


  • Minimum password length of at least 12 characters.
  • Complexity requirements (letters, numbers, symbols).
  • Mandatory MFA for sensitive roles.


These measures significantly reduce the risk of unauthorized access.



Monitor Account Activity


Encourage users to:

  • Report unusual login attempts
  • Review approvals and changes regularly
  • Inform administrators if suspicious behavior is detected

Early detection helps prevent security incidents.



Summary of Recommendations


For maximum security when using DPO:


✔ Enable Multi-Factor Authentication

✔ Use strong, unique passwords

✔ Change passwords regularly

✔ Implement a password policy

✔ Assign permissions responsibly

✔ Monitor account activity





Any Questions?

Our support team is happy to help:


Email: support@digitalpurchaseorder.com

Phone: +1 888 376 7254


Or schedule a free demo – we look forward to hearing from you.

Updated on: 18/02/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!