Logging into SupportAbility
This article provides information to assist with logging into your SupportAbility installation securely and successfully, including information about setting up your username and password, logging in when MFA is configured, remote access, and the Automatically Log Users Out After (inactivity) setting.
Audience: All
Summary
The following list summarises the content within this article. Click on the links below to take you to the relevant sections:
- Security Levels
- Setting Up Your Username and Password
- Logging into SupportAbility
- Remote Access
- Trouble Logging in
- Automatically Log Users Out After (inactivity)
Security Levels
Prior to version 8.5, SupportAbility had two levels of security that needed to be passed in order to gain access to SupportAbility:
- Shared Security
- Individual User Security
Shared Security Requirement - Now Redundant
The Shared Security level used a shared username and password across the organisation.
This extra security level requirement was put in place many years ago to stop the server from responding to unnecessary traffic.
As part of the security enhancements introduced as part of our ISO27001 certification, a Web Application Firewall was introduced to reject web page requests that look suspicious.
Rate limiting was also introduced to block suspicious high-volume traffic during a short period of time.
These and other security measures mean that the shared security mechanism is now redundant.
Multi-Factor Authentication
Organisations wishing to add a further level of security when staff log in have the option to utilise Multi-Factor Authentication. MFA is blocked by default and can be configured by your organisation in System Preferences when you are ready to utilise this.
Information about this functionality is outlined in the Multi-Factor Authentication (MFA) in SupportAbility article, linked below for your reference.
Setting Up Your Username and Password
Each time you log into SupportAbility, you will need to enter your individual username and password.
Your username will be created for you by the staff member creating your user account, in a format that aligns with your organisation's requirements e.g. initialsurname.
Creating your individual password will initially be assisted by your organisation, who will select one of the following methods:
- Send Password Link
You will receive an automated email with your username and a 'Reset Password' link which takes you to a screen where you can set your own password,
OR - Set Password Manually
A temporary password will be created and communicated to you, which can be used for your initial login.
If they have selected 'Force password reset on next login', which we recommend, you will be required to change this to something more secure upon your next login.
Logging into SupportAbility
To log in to SupportAbility enter your individual Username and Password, then select the 'Log In' button:
N.B. When using shared devices:
- We do not recommend selecting the browser prompt to save or remember your individual password, in order to preserve the security of each Staff account.
- We recommend that Staff always log out of SupportAbility when they have finished their session.
Multi-Factor Authentication (MFA)
If MFA has been configured as 'Optional' for each Staff Member, or 'Enforced' for your organisation, and you have activated MFA for your Staff Account using an Authenticator App, you will be required to pass the MFA step periodically when logging into SupportAbility.
Following your username and password being entered, the MFA window will display:
Open your Authenticator App e.g. Last Pass and view the 6-digit MFA code (time-based one-time passcode) for SupportAbility e.g: 219937
Enter this code in the 'Enter 6 digit MFA code' field e.g:
Once 'Submit' is selected, provided the correct code is entered, you will be able to access SupportAbility.
Please see the How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account article linked below for more information regarding this, including the email fallback option if you are unable to access your Authenticator App.
Remote Access
SupportAbility provides functionality if your organisation wishes to restrict access to your installation when Staff are logging in from a remote location other than approved Sites such as where Services are delivered or managed from.
If remote access has been configured in your installation by restricting access to specific IP addresses, only Staff who have been granted the 'Allow Remote Access' privilege in their Staff Account will be able to log in to your installation from a location other than the whitelist of allowable IP addresses.
More information regarding this functionality is outlined in the Restricting Remote Access to SupportAbility article, linked below.
Trouble Logging In
For detailed information relating to managing issues with logging in, please refer to the linked articles below:
- When resetting your own password (e.g. when you have selected the 'Forgot Your Password' button, or updating your password after login), or when another Staff member is assisting you to reset your password; please refer to the Resetting my individual password & resolving log in issues article
- When assisting another Staff Member to log in, including resetting their individual password, or facilitating remote access, please refer to the Assisting another Staff Member to log in article
- For web browser related issues with logging in, please refer to the Supported web browsers & troubleshooting browser-related issues article
If you are still unable to access SupportAbility, or do not have a record of your organisation's Shared Username and Shared Password please contact your System Administrator, or SupportAbility Authorised Representative.
Automatically Log Users Out After (inactivity)
Generally, the information displayed on SupportAbility screens is of a highly sensitive nature and thereby necessitates a level of privacy to be maintained around who can see this information.
Unintentional breaches of privacy may occur when a Staff Member temporarily moves away from their computer/iPad without locking the screen or logging out, or if they forget to log off on a shared device/computer once they have completed their work.
To assist with this, SupportAbility can be configured to automatically log users out after a specified time of inactivity. The default is set to '60' minutes however this can be configured to a time which better suits your organisation's requirements eg. 10 minutes.
This setting is configured in the 'System Settings' section on the Settings tab in System Preferences:
