Requirements
To keep full admin access, your account must satisfy both of the following:- Password — at least 15 characters, including uppercase letters, lowercase letters, and a number.
- Two-factor authentication (2FA) — enabled on your account.
This enforcement only applies to admin accounts that use Cal.com password-based login. Admins who sign in through an external identity provider (such as SAML or OIDC) are not affected.
What happens when requirements are not met
When you sign in as an admin without meeting the security requirements, Cal.com:- Restricts your session so admin actions are unavailable.
- Shows a warning banner at the top of every page explaining what needs to be fixed.
- Links you directly to the relevant settings page.
| Missing requirement | Banner action |
|---|---|
| Password and 2FA | Directs you to update your password |
| Password only | Directs you to update your password |
| 2FA only | Directs you to enable two-factor authentication |
How to resolve
Update your password (if needed)
Go to Settings → Security → Password and set a new password that is at least 15 characters long and includes uppercase letters, lowercase letters, and a number.
Enable two-factor authentication (if needed)
Go to Settings → Security → Two-factor authentication and follow the prompts to enable 2FA.
FAQs
Q: Will I lose any data if my admin access is restricted?A: No. Your data and settings remain intact. Only admin-level actions are temporarily unavailable. Q: What counts as a strong enough password?
A: Your password must be at least 15 characters and include at least one uppercase letter, one lowercase letter, and one number. Q: Do these requirements apply to the Cal.com cloud platform?
A: No. These requirements apply only to self-hosted Cal.com instances.