Password security rules
When creating or resetting a password, the following rules apply:
- Your password cannot be too similar to your other personal information.
- It must contain at least 8 characters.
- It cannot be a commonly used password.
- It cannot be entirely numeric.
- It must include at least one lowercase letter, one uppercase letter, one digit, and one special character.
👉 If your organization requires specific policies (e.g. longer length, rotation, advanced complexity), you will need to use SSO.
Features not natively supported
At this stage, our authentication system does not include:
- Two-Factor Authentication (2FA/MFA).
- Automatic password expiration.
Our strategy is to focus on our core product features and delegate identity management to specialized providers via SSO.
SSO support in Paradigm
The Paradigm platform supports SSO via the following protocols:
- SAML — Available in all our plans. Compatible with major providers (Keycloak, Okta, Ping, Azure AD, etc.) → see documentation.
- OpenID Connect (OIDC) — Available in all our plans → see documentation.
- LDAP — Directory-based authentication for corporate environments → see documentation.
User management and compliance
- User account management can be automated using SCIM (create, delete, deactivate) → see documentation.
- Account deletion and deactivation are immediate and tracked in an audit log.
- The system is GDPR-compliant. For other standards (ISO 27001, NIST, etc.), compliance depends on your SSO infrastructure.
- Without SSO: a robust but non-customizable system.
- With SSO: full flexibility to align Paradigm with your security policies.