Skip to main content
Procore Support (en-au)

Enable Security Settings for Logins, Passwords and Session Timeout Intervals


To request to enable security settings for logins, passwords and session timeout intervals. 


If you are your company's Procore Administrator or if your Procore user account has been granted 'Admin' level permissions to the Company level Admin tool, you have the proper authority to submit a request to modify select security settings for the Procore web application. You can choose to enable settings for locking out users after failed login attempts, password expiration policies and a timeout interval for idle user sessions. 

Things to Consider

  • Required User Permissions:
    • 'Admin' on the company's Admin tool. 
  • Additional Information:
    • For new company accounts, the settings below are configured during the Procore Implementation Process. 
    • For existing company accounts, a user with the appropriate permissions must submit a request. 
  • Limitations:
    • These are company-wide settings. They cannot be applied on a per-project or per-user basis. 


  1. Request to Enable Security Settings
  2. Review Your Company's Account Security Settings

Step 1: Request to Enable Security Settings

If you want to make changes to your company's security settings, a user with 'Admin' level permission to the company's Admin tool can email a request to your Procore point of contact.

Step 2: Review Your Company Account's Security Settings

  1. Navigate to the Company level Admin tool. 
  2. Under 'Company Settings', click General Settings.
  3. Under 'Security Settings', review the following:

    • Lock Out After 3 Failed Sign In Attempts:
      • Yes. If this setting is turned ON, users with be locked out of Procore after three (3) failed login attempts.
      • No. If this setting is turned OFF, there is no limit to the number of failed login attempts that can be made by an end user. 
    • Password Expiration:
      • Never. User passwords never expire. 
      • 30 Days. User passwords expire after 30 days. 
      • 60 Days. User passwords expire after 60 days. 
      • 90 Days. User passwords expire after 90 days.
    • Session Idle Timeout:
      • No Timeout. This is the default setting.
      • 15 minutes. Ends an inactive user's session after 15 minutes of inactivity. 
      • 30 minutes. Ends an inactive user's session after 30 minutes of inactivity.
      • 60 minutes. Ends an inactive user's session after 60 minutes of inactivity. 
      • 120 minutes. Ends an inactive user's session after 120 minutes of inactivity.
 Limited Release
The 'Session Idle Timeout' configured for your company will be only enforced on users actively working in your company's Procore account, meaning a user's timeout may change if and when they work in another company's Procore account.

Note: This update is being released in phases and may not be available on your Procore account at this time.

See Also