Requirements
To retain full admin access, your account must satisfy both of the following:- Password length — at least 15 characters (must also include uppercase, lowercase, and a number)
- Two-factor authentication (2FA) — enabled on the account
INACTIVE_ADMIN at login. You can still access the application, but admin-level actions are unavailable until you resolve the issue.
What happens when requirements are not met
When you log in as an admin without meeting the security criteria, Cal.com:- Sets your session role to
INACTIVE_ADMIN - Displays a persistent warning banner at the top of every page explaining what needs to be fixed
- Links you directly to the relevant settings page
| Missing requirement | Banner action |
|---|---|
| Password and 2FA | Directs you to change your password |
| Password only | Directs you to change your password |
| 2FA only | Directs you to enable two-factor authentication |
After you update your password or enable 2FA, you are signed out automatically so the system can re-evaluate your credentials on the next login.
How to resolve
Update your password (if needed)
Go to Settings > Security > Password and set a new password that is at least 15 characters long and includes uppercase letters, lowercase letters, and a number.
Enable two-factor authentication (if needed)
Go to Settings > Security > Two-factor authentication and follow the prompts to enable 2FA on your account.
This enforcement only applies to admin accounts that use Cal.com credential-based authentication. Admins who sign in through an external identity provider (such as SAML or OIDC) are not affected.