At Vertical Plus, your success is our mission and that includes keeping your data safe and your ecommerce operations resilient. As part of our ongoing commitment to platform security, we’re excited to share a series of powerful new features designed to protect your business and streamline user experience. From stronger password standards to smarter account management, here’s what’s coming your way in the next platform release.
Recently, we’ve been focused on enhancing the security of our platform.
As part of our broader vision to deliver a safer, more reliable experience for our partners and their customers, we’re rolling out a suite of new security features. These improvements are designed to protect your data, minimise risk, and improve usability across the board.
Password strength plays a crucial role in digital security, acting as the first line of defence against cyber threats. We’re introducing a minimum password strength requirement for admin users, helping to reduce the risk of brute force or dictionary attacks and keep your business secure.
Around 30% of users abandon their purchase if they forget their password and can’t reset it easily. To improve this experience, we’ve updated the password reset process. Now, customers can simply click a link in the reset email—no more typing in temporary passwords. It’s faster, easier and more secure.
Every admin account is a potential access point for attackers. To limit exposure, we’re introducing a new feature that automatically deactivates admin accounts that haven’t logged in for more than 45 days. If access is still required, it can be reinstated quickly by another admin in your organisation.
We’ve added the option to enforce regular password changes for admin users. If a password is compromised, this increases the chance it will be updated before it can be exploited. This is an optional setting, which will be off by default, giving you flexibility based on your organisation’s needs.
We’ve upgraded our infrastructure to track failed login attempts by IP address and email. This allows us to provide more detailed reporting on genuine login issues while improving protection against coordinated attacks where IP addresses are rotated.
These new security features will be included in the next platform release, which will be rolled out over the coming months. We’ll continue to keep you updated, but in the meantime, if you have any questions or want advice on implementing these changes effectively, don’t hesitate to get in touch.