intelliHR treats the protection of user account security as critical. We guarantee the integrity, confidentiality and availability of our customer’s data by implementing best practice security controls and policies.
There are often a number of questions that your team may have. This article is designed to provide answers to those frequently asked questions.
FAQs answered by our support team!
Q: How is access to my user account on intelliHR safeguarded?
A: For in-platform user accounts, intelliHR support a minimum password length and allow individual users to configure Multi-Factor Authentication (MFA) for themselves.
intelliHR also supports SALM2 SSO which allows users to use an identity provider for authentication, which can be configured as desired. SALM SSO provides a way to authenticate users to third-party web applications (like Gmail for Business, Office 365, Salesforce, etc.) by redirecting the browser to a secure company login page, then after successful authentication on that login page, redirecting the user’s browser back to that third-party web app where they are granted access.
There is a setting in the intelliHR platform to enforce SSO login only, which is recommended if the password policy is important for your business.
Q: How many failed login attempts are permitted before an employee's user account is locked?
A: Users are given 3 attempts to log into the intelliHR platform. After 3 failed attempts the user will be locked from attempting to log in again for 10 minutes.
Q: How would a locked account be made active again? what is the process for that?
A: After 3 failed login attempts the user will be locked from attempting to log in again for 10 minutes. However, following that 10 minutes, the employee will be able to attempt to log in again.
Q: What is the password policy enforced by intelliHR?
A: We support password length as a policy, as the recommended requirement by global security standards.
Q: If I amend the minimum password length in Settings, will this prevent current employees from signing in with their current passwords if these do not meet the minimum length?
A: No, the employees will still be able to log in. They will not be automatically prompted to amend their password or reset their password.
Note: currently the intelliHR support team will be required to set the minimum password length if this is required as it remains a super user setting.