Security
Buddy provides a set of features designed to keep your workspace and data safe from unauthorized access.
A part of them is user-oriented, which means they are accessed from the user profile settings, whereas some are workspace-specific and restricted to the project owner and admins.
Project restrictions
These settings are available in Workspace Settings and let you decide who can create new projects and add new users. By default, all restrictions are turned off.
Project restrictions
Password strength
By default, Buddy only accepts logins of at least medium password strength. Administrators can turn on a setting that will force the workspace to accept strong password logins only.
Medium-strong password must contain at least:
- 6 characters
- one number
- one letter
- one special character
- not more than 3 identical characters in a row
Strong password must contain at least:
- 10 characters
- one number
- one uppercase letter
- one lowercase letter
- one special character
- not more than 3 identical characters in a row
Two-factor authentication (2FA)
2FA provides an extra layer of security when logging into websites or apps. You can activate 2FA in your profile settings.
2FA switch location
Buddy offers two ways to set up 2FA: via SMS or an application like Google Authenticator or Authy.
2FA configuration
Recovery codes
Once the two-factor is activated, Buddy will produce a list of recovery codes. The codes can be regenerated at any time in your profile settings.

Mandatory workspace 2FA
Workspace owners and admins can activate an option that will restrict users without active 2FA from logging in. The option is available in the workspace Preferences tab:
Mandatory workspace 2FA toggle
Developer API
Enabling the API allows you to build your own apps and services and connect them with Buddy. By default, this option is disabled in the Workspace Settings.
Developer API toggle
bash
https://api.buddy.works/user?access_token=000e0e00-00ba-0000-0a0b-c0b00000a0a0
Last modified on April 26, 2022