Logging into SupportAbility

This article provides information to assist with logging into your SupportAbility installation securely and successfully, including information about setting up your username and password, logging in when MFA is configured, remote access, and the Automatically Log Users Out After (inactivity) setting.

Audience: All


Security Levels

SupportAbility provides secure access to your installation, not only via individual security, but also using Multi-Factor Authentication (MFA) functionality.

SupportAbility is fully certified against the global standard for Information Security Management (ISO27001), and all of the MFA functionality has been specifically designed to meet the security requirements of the ISO27001 standard. 


Individual User Security

Each Staff (user) Account in SupportAbility has a unique username and password which is required to be entered each time you log into SupportAbility.

Your username will be created for you by the staff member creating your user account, for example initialsurname, or in a format that aligns with your organisation's requirements.

Password requirements are as follows:

  • 'Minimum Password Length' - 12 characters
  • Must include upper and lower case letters, a number, and a special character.



Multi-Factor Authentication (MFA)

Organisations are strongly encouraged to use Multi-Factor Authentication (MFA), if not already doing so, to further strengthen the security when Staff log into SupportAbility. 

With increased levels and complexity of attacks from malicious actors, MFA has become standard practice for accessing most systems.

Therefore, all newly provisioned SupportAbility installations will have MFA configuration set to 'enforced'. This means MFA is mandatory for each Staff Member in your organisation.  

For existing installations, when MFA is set to 'Enforced', this means Staff Members that have not already activated MFA using an Authenticator App will be required to do so upon their next log in to SupportAbility via the Web App, or immediately on the Mobile App.

Information about this functionality is outlined in the Multi-Factor Authentication (MFA) in SupportAbility article, linked below for your reference.



Historical SupportAbility Security

Prior to version 8.5, SupportAbility had two levels of security that needed to be passed in order to gain access to SupportAbility:

  • Shared Security
  • Individual User Security

The Shared Security level used a shared username and password across the organisation. 

This extra security level requirement was put in place many years ago to stop the server from responding to unnecessary traffic.

Among the security enhancements made for our ISO27001 certification, a Web Application Firewall was introduced to reject web page requests that look suspicious.

Rate limiting was also introduced to block suspicious high-volume traffic during a short period of time.

These and other security measures mean that the Shared Security mechanism is now redundant.



Initial Login to SupportAbility

When first logging into SupportAbility, you will be advised of your login credentials via one of two methods:

  • Send Password Link
    You will receive an automated email with your username and a 'Reset Password' link which takes you to a screen where you can set your own password,

    OR
  • Set Password Manually
    A temporary password will be created and communicated to you, which can be used for your initial login.
    If the staff member creating your account has selected 'Force password reset on next login', which we recommend, you will be required to change this to something more secure upon your next login.

The auto-generated email is sent to the address entered in the 'Staff Account Email Address' field in your Staff Account.  As this is the first time receiving communications from SupportAbility, if you do not receive it, we recommend checking your SPAM/Junk folders.

The 'Reset Password' link in the email is only valid for three days after it is sent, after which time it will expire and no longer be usable. We therefore recommend actioning your login setup as soon as possible. Your system administrator (Authorised Customer Representatives) will be able to retrigger this email for you if you miss it.

The auto-generated email with your username and 'reset password' link will look something like the following:

Multi-Factor Authentication (MFA)

As multi-factor authentication is a requirement of SupportAbility, you will also need to set this up. 

The instructions will look something like the following:

Information on setting up multi-factor authentication is outlined in the 'How to activate Multi-Factor Authentication (MFA) for your Staff Account' article, linked below for reference.


Logging into SupportAbility via the Web App

To log in to SupportAbility via the Web App, enter your individual Username and Password, then select the 'Log In' button:

N.B. When using shared devices:
  • We do not recommend selecting the browser prompt to save or remember your individual password, in order to preserve the security of each Staff account. 
  • We recommend that Staff always log out of SupportAbility when they have finished their session.



Multi-Factor Authentication (MFA)

Once you have activated MFA for your Staff Account using an Authenticator App, you will be required to pass the MFA step periodically when logging into SupportAbility. 

Following your username and password being entered, the MFA window will display: 

Open your Authenticator App (e.g. LastPass) and view the 6-digit MFA code (time-based one-time passcode) for SupportAbility, e.g. 219937.

Enter this code in the 'Enter 6 digit MFA code' field e.g:

Once 'Submit' is selected, provided the correct code is entered, you will be able to access SupportAbility. 

Please see the How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account article linked below for more information regarding this, including the email fallback option if you are unable to access your Authenticator App.



Logging into SupportAbility via the Mobile App

When first logging into the SupportAbility Mobile App you will need to enter the SupportAbility installation name for your organisation, and select 'Next':

Then enter your 'Individual Username' and 'Individual Password' which will be the same as those entered in your Staff Account in the Web App. Then select 'Log In':



Multi-Factor Authentication (MFA)

Once you have activated MFA for your Staff Account using an Authenticator App, you will be required to pass the MFA step periodically when logging into SupportAbility, by entering the 6-digit MFA code from your authenticator app: 

Once you have passed the above steps, you will be asked to set a 4-digit PIN that is saved to your phone, which you will be prompted to enter to access the app in future:

Once you have logged into the SupportAbility Mobile App and set your PIN, you will land on the Home screen.

N.B. You will be required to input the 4-digit PIN when attempting to access the app after 5 minutes of inactivity.



Remote Access

SupportAbility allows your organisation to restrict access to your installation when Staff log in from a remote location, that is, anywhere other than approved Sites such as those where Services are delivered or managed from.

If remote access has been configured in your installation by restricting access to specific IP addresses, only Staff who have been granted the 'Allow Remote Access' privilege in their Staff Account will be able to log in to your installation from an address that is not on the whitelist of allowable IP addresses.

More information regarding this functionality is outlined in the Restricting Remote Access to SupportAbility article, linked below.
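
The access rule described above, as an added example that is not SupportAbility's code: a login is allowed from a whitelisted address, or from any address if the Staff Account holds 'Allow Remote Access'. The class, function names and sample addresses are hypothetical, and failing closed on an unparseable address is an assumption.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Staff:
    username: str
    allow_remote_access: bool  # models the 'Allow Remote Access' privilege


def parse_allowlist(entries):
    """Turn whitelist entries (single IPs or CIDR ranges) into network objects."""
    return [ipaddress.ip_network(entry, strict=False) for entry in entries]


def login_permitted(staff, source_ip, allowlist):
    """Return (allowed, reason) for a login attempt from source_ip."""
    if not allowlist:
        return True, "no IP restriction configured"
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        # Assumption: an address that cannot be parsed is never trusted.
        return False, "unparseable source address"
    # Treat ::ffff:a.b.c.d as the IPv4 address it carries, so a dual-stack
    # listener does not make an approved site look remote.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    if any(addr.version == net.version and addr in net for net in allowlist):
        return True, "approved site"
    if staff.allow_remote_access:
        return True, "remote access privilege"
    return False, "remote login without privilege"


if __name__ == "__main__":
    # Constructed sample data using documentation address ranges.
    sites = parse_allowlist(["203.0.113.0/24", "198.51.100.7"])
    office_only = Staff("jsmith", allow_remote_access=False)
    field_worker = Staff("akhan", allow_remote_access=True)
    for who, ip in [(office_only, "203.0.113.45"), (office_only, "192.0.2.10"),
                    (field_worker, "192.0.2.10")]:
        print(who.username, ip, login_permitted(who, ip, sites))
```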



Trouble Logging In

For detailed information relating to managing issues with logging in, please refer to the linked articles below:

If you are still unable to access SupportAbility, or do not have a record of your organisation's Shared Username and Shared Password, please contact your System Administrator or SupportAbility Authorised Representative.



Automatically Log Users Out After (inactivity)

Generally, the information displayed on SupportAbility screens is highly sensitive, necessitating a level of privacy regarding who can see it. 

Unintentional breaches of privacy may occur when a Staff Member temporarily moves away from their computer or tablet without locking the screen or logging out, or if they forget to log off on a shared device/computer once they have completed their work.

To assist with this, SupportAbility can be configured to automatically log users out after a specified time of inactivity.  

This setting is configured in the 'System Settings' section on the Settings tab in System Preferences:

The default is set to '30' minutes; however, this can be configured to a time that better suits your organisation's requirements, e.g. 10 minutes: 

