Password security rules
When creating or resetting a password, the following rules apply:
- Your password cannot be too similar to your other personal information.
- It must contain at least 8 characters.
- It cannot be a commonly used password.
- It cannot be entirely numeric.
- It must include at least one lowercase letter, one uppercase letter, one digit, and one special character.
👉 If your organization requires specific policies (e.g. longer length, rotation, advanced complexity), you will need to use SSO.
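The rules listed above can be pre-checked locally, for example before submitting a generated password. The sketch below is an added example, not Paradigm's implementation: the 0.7 similarity threshold, the small constructed common-password set, and the function names are assumptions, since the page does not define them.

```python
import re
from difflib import SequenceMatcher

# Constructed sample; a real check would load a large common-password list.
COMMON_PASSWORDS = {"password", "password1!", "123456789", "qwerty123", "welcome1!"}
MIN_LENGTH = 8
MAX_SIMILARITY = 0.7  # assumed threshold; the page does not define "too similar"


def too_similar(password, personal_values):
    """True if the password closely matches a personal value or one of its parts."""
    pw = password.lower()
    for value in personal_values:
        # Compare against the whole value and its parts (e.g. the local part of an e-mail).
        for part in [value] + re.split(r"\W+", value):
            part = part.lower()
            if len(part) >= 3 and SequenceMatcher(None, pw, part).ratio() >= MAX_SIMILARITY:
                return True
    return False


def check_password(password, personal_values=()):
    """Return the list of violated rules; an empty list means the password passes."""
    errors = []
    if too_similar(password, personal_values):
        errors.append("too similar to personal information")
    if len(password) < MIN_LENGTH:
        errors.append("shorter than 8 characters")
    if password.lower() in COMMON_PASSWORDS:
        errors.append("commonly used password")
    if password.isdigit():
        errors.append("entirely numeric")
    classes = {
        "lowercase letter": r"[a-z]",
        "uppercase letter": r"[A-Z]",
        "digit": r"[0-9]",
        "special character": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            errors.append("missing " + name)
    return errors
```

Reporting every violated rule at once, rather than stopping at the first, lets a user fix the password in a single attempt.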
Features not natively supported
At this stage, our authentication system does not include:
- Two-Factor Authentication (2FA/MFA).
- Automatic password expiration.
Our strategy is to focus on our core product features and delegate identity management to specialized providers via SSO.
SSO support in Paradigm
Currently, the Paradigm platform supports SSO via SAML:
- Available in all our plans.
- Compatible with major providers (Keycloak, Okta, Ping, Azure AD, etc.) → see documentation.
- If your organization uses another protocol (OIDC, Kerberos, LDAP…), please contact support. We will evaluate the request and consider integration based on the product roadmap.
User management and compliance
- User account management can be automated using SCIM (create, delete, deactivate) → see documentation.
- Account deletion and deactivation are immediate and tracked in an audit log.
- The system is GDPR-compliant. For other standards (ISO 27001, NIST, etc.), compliance depends on your SSO infrastructure.
- Without SSO: a robust but non-customizable system.
- With SSO: full flexibility to align Paradigm with your security policies.