11 January 2024, 02:20 UTC

Fastly is improving login experiences across Fastly and Signal Sciences consoles to make it simpler and easier for you to access Fastly products and services using a single set of login credentials. Starting Q1 2024, we'll be implementing a new web interface as part of the upgraded login experience. A summary of the main changes appears below.

• Anticipated start date: 20th of February 2024

What's changing? What do I have to do?

You'll log in to Signal Sciences and Fastly accounts with a single set of credentials. Simplified login will allow you to use a single set of login credentials to access all products and features across Fastly's suite of offerings. If you have both Fastly and Signal Sciences accounts that use the same email address, you'll no longer need your Signal Sciences credentials. We'll also make sure to disable and purge your old credentials so they can't be used by accident.

Account linking will no longer be required. When the simplified login experience goes live, customers with both Fastly and Signal Sciences accounts will no longer need to manually link those accounts. Already have linked accounts? You won't need to do anything and can start using your Fastly credentials immediately.

Password changes and 2FA setup will happen in the Fastly console. Likewise, you'll be able to change passwords and set up two-factor authentication directly in the Fastly console for both Fastly and Signal Sciences accounts. This also means that you'll be able to switch between consoles seamlessly without having to log in again.

New passwords will be required to conform to NIST guidelines. Starting Q1 2024, complexity for new and changed passwords will be required to conform to digital identity guidelines from the National Institute of Standards and Technology (specifically, the NIST800-63B guidelines). 

When choosing new passwords and updating existing ones, Fastly will require your passwords to:

• be at least 8 characters long
• be be no more than 72 characters long
• contain at least one letter and one number

In addition, new and changed passwords cannot solely contain:

• sequences of letters or numbers (e.g., 12345678, abcdefg)
• repeated characters (e.g., 222222, aaaaaa)
• adjacent key placements on a standard keyboard (e.g., QWERTY)

The system will specifically prevent you from choosing passwords that:

• match any of your four previous passwords
• match either your username or you email address
• match commonly used passwords (e.g., password123, changeme)
• use popular dictionary words in passwords of fewer than 16 characters (e.g., batterystaple) 

Existing passwords won't be affected until you choose to update them.

Session timeouts will be standardized and more secure. To help you increase your security posture on the Fastly platform, starting Q1 2024 all users will be logged out after 30 minutes of inactivity. Session timeouts will also have a default maximum of 12 hours for any organization that hasn't set up single sign-on. If your session timeout was previously set to greater than 12 hours, it will be reduced to 12 hours, and any timeout setting less than 12 hours will remain as is. The minimum timeout for sessions will be 30 minutes.

What's next? What else do I need to know?

That's it! We'll send you another email reminder about these changes just before the launch. 

Still have questions? Feel free to contact your account manager for additional details.