At urllo we always like to stay one (or 2 or 3) steps ahead of what our customers need. From product features, scalability and performance we pride ourselves on developing an enterprise URL redirector solution that always delivers. Over the past month, we’ve rolled out some exciting enhancements to the urllo URL redirection engine and wanted to make sure they got their time in the limelight. You may have seen our announcement about the general availability of our URL redirector API last month, but we have also been making several other enhancements behind the scenes.
Without a doubt one of the biggest concerns among our customers is security. Security of the traffic we’re directing. Security of the accounts accessing our platform. Security of all things. It was with this in mind that we decided to make some further security tweaks to our system. While automatic HTTPS provisioning has long been a feature of urllo, we’ve begun enabling Domain Name System Security Extensions (DNSSEC) on our domains for enhanced security. Supported by reputable DNS providers, DNSSEC is an extension to DNS whereby DNS records are cryptographically signed to offer assurance that the response has not been tampered with in transit, thus reducing your vulnerability to attack.
Security improvements have also been baked into our sign-up process. Fraudulent accounts can affect everything from platform performance to user security, so weeding them out before they even enter the system is ideal. With this goal in mind we’ve added a simple email confirmation step to our onboarding process. All urllo accounts will now need to confirm their email address before continuing to the dashboard. Confirming that a user is a legitimate person who has control of the email they’ve provided, is a simple, yet effective way to validate the many new users we sign up daily.
The final security enhancement we’ve recently made was to increase the requirements for password complexity. Going forward, all new user accounts and account password changes will require the following minimum password complexity be met:
- The password must be at least 8 characters long
- The password must contain at least one upper case letter, one lower case character, and either one digit or one special character (#?!@$%^&*-)
We are excited to roll these changes out to ensure our customers get the most secure URL redirector solution possible. In the coming weeks we will be deploying more changes that directly improve URL redirect security and work to further ensure we are weeding out fraudulent accounts. Stay tuned!