Security

Ares takes security seriously. This page covers account security features and best practices.

Password Requirements

Passwords must meet these criteria:

• Minimum 8 characters
• At least one uppercase letter
• At least one lowercase letter
• At least one number

Changing Your Password

Go to Settings → Security to update your password:

1. Enter your current password
2. Enter your new password
3. Confirm the new password
4. Click Update Password

Account Locking

Accounts are automatically locked after multiple consecutive failed login attempts. This protects against brute-force attacks.

If your account is locked, contact your team Owner — they can unlock it from Settings → Team.

Session Management

• Sessions are stored in your browser's session storage
• Closing your browser tab ends your session
• Tokens are automatically refreshed while you're active
• Inactive sessions expire after a timeout period

Two-Factor Authentication

Two-factor authentication (2FA) via authenticator apps is planned for a future release. Once available, you'll be able to enable it from the Security settings page.

Best Practices

• Use a strong, unique password for your Ares account
• Don't share your credentials with others — Owners can create separate accounts for each team member
• Log out when using shared or public computers
• Report any suspicious activity to your team Owner immediately