Ulka Chat is now in Public Beta. Check out our latest features. Visit ulka.chat →
Settings
Security Settings

Security Settings

Manage security settings to protect your organization's data and ensure secure access to Ulka Chat.

Password Policy

Configure password requirements for all users in your organization.

  1. Go to Settings > Security
  2. Under Password Policy, configure:
    • Minimum Length: Require passwords to be at least 8-20 characters
    • Require Uppercase: Require at least one uppercase letter
    • Require Lowercase: Require at least one lowercase letter
    • Require Numbers: Require at least one number
    • Require Special Characters: Require at least one special character (!@#$%^&*)
    • Password Expiration: Require password changes after X days (optional)
  3. Click Save to apply changes

All team members will be required to update their passwords if they don't meet the new requirements.

Two-Factor Authentication (2FA)

Enable two-factor authentication to add an extra layer of security.

Enable 2FA for Your Account

  1. Go to Settings > Security
  2. Under Two-Factor Authentication, click Enable 2FA
  3. Choose your authentication method:
    • Authenticator App (recommended): Use Google Authenticator, Authy, or similar apps
    • SMS: Receive codes via text message
  4. Follow the setup instructions:
    • For Authenticator App: Scan the QR code with your authenticator app
    • For SMS: Enter and verify your phone number
  5. Enter the verification code from your authenticator app or SMS
  6. Click Verify and Enable

After enabling 2FA, you'll need to enter a verification code each time you log in.

Disable 2FA

  1. Go to Settings > Security
  2. Under Two-Factor Authentication, click Disable 2FA
  3. Confirm your password
  4. Click Confirm Disable

Require 2FA Organization-Wide

Admins can require all team members to enable 2FA.

  1. Go to Settings > Security
  2. Under Organization 2FA Policy, toggle Require 2FA for All Users on
  3. Set a deadline for team members to enable 2FA
  4. Click Save to apply changes

Team members will receive notifications to enable 2FA before the deadline.

API Keys and Access Tokens

View API Keys

  1. Go to Settings > Security
  2. Under API Keys, view all active API keys
  3. See creation date, last used date, and permissions for each key

Create New API Key

  1. Go to Settings > Security
  2. Under API Keys, click Create New API Key
  3. Enter a name for the API key (e.g., "Production Website", "Mobile App")
  4. Set expiration date (optional)
  5. Select permissions:
    • Read conversations
    • Write messages
    • Manage contacts
    • Access analytics
  6. Click Create
  7. Important: Copy the API key immediately. You won't be able to see it again.

Revoke API Key

  1. Go to Settings > Security
  2. Under API Keys, find the key you want to revoke
  3. Click Revoke next to the key
  4. Confirm the action

Revoked keys cannot be used anymore. Update any integrations using the revoked key.

Session Management

Active Sessions

View and manage active sessions where you're logged in.

  1. Go to Settings > Security
  2. Under Active Sessions, view all active sessions:
    • Device/browser name
    • Location (IP address)
    • Last activity time
  3. Click Revoke to log out from a specific session

Session Timeout

Configure automatic logout after inactivity.

  1. Go to Settings > Security
  2. Under Session Settings, set Session Timeout:
    • 15 minutes
    • 30 minutes
    • 1 hour (default)
    • 2 hours
    • Never (not recommended)
  3. Click Save to apply changes

IP Restrictions

Restrict access to Ulka Chat from specific IP addresses or ranges.

  1. Go to Settings > Security
  2. Under IP Restrictions, click Add IP Restriction
  3. Choose restriction type:
    • Allowlist: Only allow specific IPs
    • Blocklist: Block specific IPs
  4. Enter IP addresses or ranges (CIDR notation)
  5. Click Save to apply changes

Note: Be careful with IP restrictions. If you lock yourself out, contact support.

Login Attempts

Configure protection against brute-force attacks.

  1. Go to Settings > Security
  2. Under Login Attempts, configure:
    • Max Failed Attempts: Number of failed login attempts before account lockout (default: 5)
    • Lockout Duration: How long accounts are locked (default: 15 minutes)
    • Enable CAPTCHA: Show CAPTCHA after failed attempts
  3. Click Save to apply changes

Data Encryption

View encryption settings for your organization's data.

  1. Go to Settings > Security
  2. Under Data Encryption, view:
    • Encryption at Rest: Enabled by default
    • Encryption in Transit: Enabled by default (HTTPS/TLS)
    • Encryption Standards: See compliance and encryption standards

All data in Ulka Chat is encrypted both at rest and in transit.

Audit Logs

View security audit logs to track security-related activities.

  1. Go to Settings > Security
  2. Under Audit Logs, view:
    • Login attempts (successful and failed)
    • Password changes
    • 2FA enable/disable
    • API key creation/revocation
    • Permission changes
    • Settings modifications

Audit logs are retained for 90 days by default.

Data Backup and Recovery

Automatic Backups

Ulka Chat automatically backs up your data daily. Backups are retained for 30 days.

  1. Go to Settings > Security
  2. Under Backups, view:
    • Last backup date and time
    • Backup retention period
    • Backup locations

Request Data Export

  1. Go to Settings > Security
  2. Under Data Export, click Request Data Export
  3. Select data to export:
    • Conversations
    • Contacts
    • Analytics
    • Settings
  4. Choose export format: JSON or CSV
  5. Click Request Export

You'll receive an email with a download link when your export is ready (usually within 24 hours).

Single Sign-On (SSO)

Configure SSO for enterprise organizations (Enterprise plan required).

  1. Go to Settings > Security
  2. Under Single Sign-On, click Configure SSO
  3. Choose your SSO provider:
    • SAML 2.0
    • OpenID Connect
    • Custom
  4. Enter SSO configuration details
  5. Test the connection
  6. Click Save to enable SSO

See your SSO provider's documentation for configuration details.

Compliance and Certifications

View Ulka Chat's compliance certifications and security standards.

  1. Go to Settings > Security
  2. Under Compliance, view:
    • GDPR compliance status
    • SOC 2 Type II certification
    • ISO 27001 certification
    • HIPAA compliance (if applicable)

Security Best Practices

  1. Enable 2FA: Always enable two-factor authentication
  2. Use Strong Passwords: Follow password policy requirements
  3. Regular Password Updates: Change passwords periodically
  4. Review Active Sessions: Regularly check and revoke unknown sessions
  5. Monitor Audit Logs: Review audit logs for suspicious activity
  6. Limit API Keys: Create API keys with minimal required permissions
  7. Revoke Unused Keys: Remove API keys that are no longer needed
  8. IP Restrictions: Use IP restrictions in high-security environments

Need help with security? Contact security@ulka.chat or visit our Security Center (opens in a new tab).

Organization SettingsNotification Settings