--- title: "Configure realm security settings" slug: "configure-realm-security-settings" updated: 2026-04-27T19:40:21Z published: 2026-04-27T19:40:21Z --- > ## Documentation Index > Fetch the complete documentation index at: https://help.quickbase.com/llms.txt > Use this file to discover all available pages before exploring further. # Configure realm security settings > *Access to this feature can change based on your Quickbase plan. Learn more about feature availability and plans in*[*Quickbase capabilities*](/v1/docs/quickbase-capabilities)*.* Securing user credentials within your enterprise is key to protecting your data. If you leverage SAML for SSO, Quickbase will inherit the multi-factor authentication settings of your Identity Management (IdM) system. Alternatively, two-factor authentication (2FA) (also known as [two-step authentication](/v1/docs/two-step-authentication)) is available in Quickbase and you can implement it at the [realm](/v1/docs/realm-overview) level or account level. The two-step authentication security method provides the following benefits to an enterprise: - Improves security by requiring a second form of identification - Increases productivity and flexibility for mobile employees by providing secure access - Lowers helpdesk and security management costs - Reduces fraud while building secure online business relationships With two-step authentication, a user signing in to Quickbase must provide two means of identification from separate categories of credentials: - Username/password combination, and - A security code provided through email As a realm admin, you can secure user credentials by configuring [password policies](/v1/docs/password-policy) through Quickbase. You can set specific password policies across all your Quickbase accounts and applications. As part of password policy configuration, you can set: - Session controls—limit the number of concurrent sessions, set an inactivity timeout, limit the number of sign-in retries, and require two-step authentication. > [!NOTE] > Note: Allowing users to remain signed in can expose security risks. - Password controls—set password controls you can select one: - Implement a single sign-on (SSO) method. Select this method to have Quickbase inherit password security controls from your identity management provider (IdM) such as: password complexity, password expiration, and two-step authentication. - Enable Quickbase to [manage password controls](/v1/docs/configure-realm-security-settings).