Skip to content
Sign in
Contact us
  • There are no suggestions because the search field is empty.

How to Set Login Policy in Company Security Settings

This guide explains how System Administrators can configure company Security Settings in LendingPad. You’ll learn how to update password expiration rules, enable Multi-Factor Authentication (MFA), configure Single Sign-On (SSO) providers, and manage trusted IP addresses. Beginning October 2025, MFA will be mandatory for all users.

📢 Important Reminder

Beginning October 5th, 2025, logging in with only a username and password will no longer be supported. Multi-Factor Authentication (MFA) will be required for all users.

  • System Admins → Go to Settings > Security > Manage Security and update the Authentication Type to Multi-Factor Authentication (MFA).

📌 Admin Tip
Before enabling MFA, double-check that all users have a mobile phone number entered in their Profile. Without it, SMS codes cannot be delivered.

  • Users → Once MFA is enabled, open your Profile and choose your preferred method: SMS or Google Authenticator.

✅ Please complete this setup before October 5, 2025 to avoid login issues and ensure a smooth transition.

👉 See [How to Set MFA Provider in Your Profile (User Setting)] for step-by-step instructions.

Updating Security Settings (System Admin)

System Admins can manage company-wide login policies and enable MFA requirements.

  1. Go to Settings.

  2. Scroll down (or use the search bar) and select Security.

  3. Click Manage Security.

  4. In the General Information section, set your security preferences:

    • Adjust the Password Expiration period (30–180 days).

    • From the Authentication Type dropdown, select Multi-Factor Authentication (MFA) to require MFA for all users.


Authentication Providers (Optional)

    • Next to the General Information tab, open the Authentication Providers section.
    • Choose from the four available Single Sign-On (SSO) options.
    • Even with SSO enabled, users will still need to complete MFA using either SMS or an Authenticator app.
    • For Okta, make sure to enter the Client ID, Client Secret, and URL.

    👉 See [How to Create an Okta Integration for LendingPad] for step-by-step instructions.

Authorized IP Addresses (Optional)

    • To manage exceptions for trusted locations, open the Authorized IP Addresses tab.
    • Click Add New IP Address.
    • Choose a Type:
      • Company – Allow users logging in from the office to skip the second security code.
      • User – Allow a specific user logging in from a designated location, such as a home office, to skip the second security code.
    • Enter the IP address, set the validity period, and add a description (e.g., “Main Office” or “John’s Home IP”).
    • Click Save. Users logging in from an authorized IP address will not be prompted for a second MFA code.
After saving:
    • You’ll return to the Security Settings page, where you can review your updated configurations. To make changes, click Manage Security.
    • Next to Security Settings, click Audit to review login activity, including timestamps, browser type, and IP addresses. Set a time range and click Search to filter results.

Questions? Contact us at support@lendingpad.com - We’re here to help.