Assisting another Staff Member to log in

This article provides detailed information on how to assist another Staff Member with logging into SupportAbilty, both on the Web App and Mobile App. 

It reviews suggested troubleshooting questions to clarify the issue the Staff Member is experiencing, the options available to reset their password, alternatives for managing Multi-factor Authentication (MFA), and facilitating remote access. 

It also covers logging in and resetting individual passwords and 4-digit PINs from the Mobile App.

Audience: Authorised Representatives, HR Specialist, Team Leaders and anyone tasked with assisting another Staff Member to log in.


Prerequisites

  • Staff require the 'Edit User Accounts' Security privilege in order to access the 'User Details' tab of Staff Accounts where individual passwords are reset, and where remote access is granted.
  • We also recommend reviewing the information entered for 'System Administrator's Name and 'Contact Details' in the 'Installation Options' section on the 'Settings' tab of System Preferences, as this information is included in logging in and reset password emails:


Summary

The following list summarises the content of this article. Click on the links below to take you to the relevant sections:


Suggested troubleshooting questions

The following questions may be helpful to ask a Staff Member when you are assisting them with issues logging in:

  • What are you seeing on your screen? Is the SupportAbility logo visible?
    • If the logo is not visible, they are trying to log in at the Shared Security level and will need to enter the Shared Username and password. 

      N.B. When a Staff Member logs into SupportAbility using a new device or a different browser, or the Staff Member has cleared cookies, cache and/or browsing history, SupportAbility will ask the user for your organisation's Shared Username and Password.
    • If the logo is visible, then they are trying to log in at the Individual Security level and will need to enter their individual Username and Password.

      We suggest verifying the Username they are using matches that which has been configured in their Staff Account.
  • Does your individual password match the minimum requirements? i.e. at least 12 characters long and includes 1 lower case letter, number & a special character, OR if your organisation has configured the Password Settings in System Preferences, does their individual password match this criteria? 
  • Have you checked whether your caps lock is on?
  • Are there any error messages displayed on your screen? For example:
    • "This password reset link has already been used or has expired" - they will need to select the 'Send a new Password Reset Link' button, or you can send a new Reset Password Link email from their Staff Account
    • "The username and/or password is not valid" - check the username the Staff Member is using matches the one entered in their Staff Account.
    • "Too many unsuccessful log in attempts" -  the Staff Member has exceeded 6 attempts and will need to wait for the period of time specified in the error message e.g. 30 secs, before attempting to log in again
  • It is important to double-check that a 'Staff Account Email Address' has been entered into the Staff Account User Details tab, so that they may reset their own password. Has an email address been entered?
  • Have you received the 'Reset Password Link' email which was sent to you? If not have you checked your junk mail folder?
  • Are you sharing an email address with another Staff Member, if so maybe the other Staff Member has accessed the Password Reset email.
  • Is the email address entered in the 'Staff Account Email Address' field of their Staff Account a personal email address? this may operate differently to the organisation's primary email program.

Return to Summary


Where are passwords reset?

While Staff have the ability to reset their individual password themselves via the 'Forgot Your Password' button on the login screen, there are occasions when they may require assistance from another Staff Member who has the relevant access to their Staff Account, to reset their password for them.

Passwords are reset in the 'Account Details' section on the 'User Details' tab of the relevant Staff Account.

N.B. A 'Staff Account Email Address' and 'Username' must both be present in order to reset a password.

Assuming these have been entered, or once this has been completed where required, you can then select the 'Reset Password' button:

This will open the 'Reset Password' window:

From here you can select one of the two methods available for resetting a password:

  • Send Password Link - a 'Reset Password' link can be emailed to the relevant Staff Member, from which they can reset their own password,  
  • Reset Password manually - a temporary password can be created for the Staff Member, with the option to prompt them to change this on their next log in.

Information on how to action both these methods is outlined below for your reference.

Return to Summary


Send Password Link

If 'Send Password Link' is your organisation's preferred 'Password Reset Method' ensure this option has been selected, then select the 'Confirm' button':

A confirmation message will display briefly at the top of the screen:

and a notification will display below the 'Reset Password' button advising the date and time the Password Reset email was last sent: 

The email will be sent to the email address which has been entered in the 'Staff Account Email Address' field in their Staff Account. It is important to note that this link will expire in 3 days from the point it was sent. 

The Staff Member will receive an email from SupportAbility on behalf of your organisation. This email contains: 

  • details about your organisation's Shared Username and Password, which is the first level of security required before entering or updating an individual password
  • the Staff Member's Username and a 'Reset Password' link
  • details of the System Administrator to contact if they experience any ongoing issues. 

The Staff Member can access the reset password email via their usual email program. Once the Staff Member selects the 'Reset Password' link in the email it will open the Password Reset window with the Staff Member's 'Username' pre-populated as it has been entered in their Staff Account.

The Staff Member will need to enter a secure password in the 'New Password' field, ensuring it meets the Password requirements displayed, then enter the same password in the 'Confirm New Password' field, and select 'Reset Password:

A confirmation message will advise the password has been updated successfully, and log them in automatically.

More information regarding the process from a Staff Member perspective when their password has been reset for them, can be found in the Resetting my individual password article, linked below.

Return to Summary


Reset Password manually

If 'Reset Password Manually' is your organisation's preferred 'Password Reset Method' ensure the following has been actioned:

  • select 'Reset Password Manually' for 'Choose Password Reset Method'
  • enter a temporary password matching the criteria outlined
  • (optional) select the 'Force password reset on next log in' checkbox, to ensure the Staff Member changes their password to something which is secure and not known to anyone else
  • select the 'Reset' button':

A confirmation message will display briefly advising the password has been reset successfully:

Once you have communicated the temporary password to the Staff Member they will be able to log on using this password.  

If you have selected the 'Force password reset on next log in' checkbox they will be prompted to reset their password at next login.  We recommend this option is checked to ensure the privacy and security of all User Accounts.

Whilst 'Force password reset on next log in' can be deselected, the only time we recommend doing so, is if you believe a Staff Members Account security has been compromised. Therefore, whoever may be logging into the Staff Members Account will no longer be able to gain access using the previous password.

Return to Summary


Multi-Factor Authentication (MFA)

If Multi-Factor Authentication (MFA) has been configured for your organisation and the Staff Member you are assisting to log in has activated MFA for their Staff Account using an Authenticator App, the following will apply.  

The Staff Member will be required to pass the MFA step periodically when logging into SupportAbility, in addition to entering the Shared User details and their Individual User Security details i.e. individual username and password:

Information on how to complete the MFA step is outlined in the  MFA via Authenticator App - recommended section of the How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account article, linked below for reference.

If the Staff Member does not have access to their Authenticator App for the latest code and is, therefore, unable to pass the MFA step successfully, you can suggest they select the option to 'Request MFA code via email instead' as a fallback option:

It is important to note that the MFA code sent to an email address is only valid for a period of 10 minutes from the time it was requested. Additionally, when an MFA code is requested via email, an 8-digit code is provided to differentiate this from the 6-digit code generated by an Authenticator App.

Information outlining how to complete this step is available in the  MFA via Email - fallback option section of the How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account article, linked below for reference.

Return to Summary


Remote Access

If your organisation has configured remote access in System Preferences, by restricting access to a range of specific IP addresses, and a Staff Member is trying to log on from a remote location other than these IP addresses, without having the relevant privilege in their Staff Account, they will see the following message:

More information regarding this functionality is outlined in the   Restricting Remote Access to SupportAbility article, linked below.  

If it is appropriate for this Staff Member to have remote access, their Staff Account will need to be reviewed to ensure they have been granted the relevant 'Allow Remote Access' privilege:

More information regarding setting up Staff Accounts can be found in the  Creating a Staff Account article, linked below.  

Return to Summary


Mobile App Troubleshooting

First-time Login to the Mobile App

The very first time a staff member logs into SupportAbilty via the mobile app, they will be required to enter the following:

  • Your organisation's SupportAbility installation name. This is the same as the domain name you type into the web browser to access SupportAbility on the Web App.
  • Their individual Username and Password which they use to access the Web App
  • If your organisation has enabled Multi-Factor Authentication (MFA), the 6-digit MFA code from their authenticator app
  • Create a 4-digit PIN which is saved to their phone and which they will be prompted to enter to access the App in future

Once they have completed the initial login, assuming they do not log out of the app, each time they access it, all they will need to enter is their 4-digit PIN.

If they have logged out, they will need to enter their individual Username and Password to log in. The installation name, however, is automatically retained and does not need to be entered again. 

The SupportAbility Mobile App overview article linked below for reference outlines more information about first-time login.

Return to Summary


Forgotten Individual Password

If a staff member has forgotten their individual password, this can be managed in two ways as follows:

Firstly, a staff member with the privileges to access the 'User Details' tab of the relevant Staff Account in the Web App can reset this on behalf of the staff member with the issue, as per the related instructions earlier in this article.

This will trigger a Password Reset email which will be sent to the email address entered in the Staff Account. The staff member can then access this email via their usual email program.  As this email is automated, it may be redirected by the email program to the person's SPAM folder so if they cannot see this email, we suggest asking them to check their SPAM folder.

The second method is for the staff member to reset their own password by selecting the 'Forgot Your Password' option on the login screen:

This will trigger a Password Reset email to be sent to their usual email program, similar to when a staff member has triggered this on their behalf as outlined above.

Return to Summary


Mobile App has timed out

The SupportAbility Mobile App will automatically close after 5 minutes of inactivity, either while the app is open or when minimised.

The staff member will then need to enter the 4-digit PIN they created to access the app again.

Return to Summary


Forgotten PIN

If staff have forgotten their PIN they will need to reset this themselves, as it is managed locally on their mobile device.

This is done by selecting the 'Forgot your PIN' link on the 'Confirm PIN' screen. They will then be asked to confirm this action by selecting OK:

Once 'OK' has been selected, they will be logged out of the SupportAbility Mobile App.  They will then need to enter their Individual Username and Password. 

Once these credentials have been entered they will be prompted to set their 4-Digit PIN:

Once a 4-digit PIN has been entered and 'Submit' selected, a green message 'PIN set successfully' will display briefly to confirm success, and the App will open on the 'Home' screen.

Return to Summary


Change PIN while logged in

The PIN can also be reset while logged into the App. 

It is recommended that the PIN be changed periodically to maintain security. It should also be unique to this App and not used for any other Apps on that device.

The PIN can be changed while logged in to the Mobile App by navigating to the 'Settings' tab via the Settings icon bottom right of the screen, and selecting 'Change PIN' in the Security section:

They will then be required to first enter their current PIN:

Then enter a new PIN and select the 'Change' button:

N.B. SupportAbility does allow the staff member to use the same or a previous PIN, however, this is not recommended.

Return to Summary


Logged out of the Mobile App

Intended Log Out

There is no real need to log out of the SupportAbility Mobile App as it automatically closes after 5 minutes of inactivity, and the 4-digit PIN is a convenient way to access it when required.  However, your organisation's security policy may require staff to log out after use, particularly where devices are shared.

There are two locations where staff can log out of the SupportAbility Mobile App.

The first is at the bottom of the 'Confirm PIN' screen:

The second option is on the Settings tab. Navigate to the Settings tab via the 'Settings' icon, located bottom right of the screen:

Then select 'Log Out' in the 'Security' section. Staff will be asked to confirm they want to log out by selecting 'Log Out':

Both of these options will log them out of the Mobile App, so the next time they access the App, they will need to enter their individual Username and Password. The installation name is retained and does not need to be entered again:

If Multi-Factor Authentication (MFA) has been configured for your organisation and the Staff Member you are assisting to log in has activated MFA for their Staff Account using an Authenticator App, they will also be required to enter the 6-digit MFA Code using their Authenticator App:

The PIN is also retained and assuming the staff member does not log out again, the next time they access the App, they can do so using their 4-digit PIN.

Return to Summary


Unintended Log Out

A few questions to ask staff when they are logged out unintentionally:

  • Did they close/minimise the App or did they select one of the Log Out options?
  • Were they booted out unintentionally while they were using the app? 
  • If Yes, what area of the app were they using and what action were they attempting to complete when they were booted out?
  • Were they booted out within the preset 5 min of inactivity or after this time?
  • After being booted out, are they being forced to log back in using their Username and Password or can they log in by inputting their 4-digit PIN?

Once this information has been gathered, and if you are still unable to assist the staff member, one of your Authorised Customer Representatives may lodge a support query at support@supportability.com.au.

Return to Summary


What version of the SupportAbility Mobile App am I using

We recommend staying up to date with the latest version of the SupportAbility Mobile App to ensure the latest functionality is accessible and any bug fixes are applied.

Our Release Notes posted on the SupportAbility website provide information about the latest Web and Mobile App updates, including new and updated features and any bug fixes.

While the Web App automatically updates to the latest version of SupportAbility, staff must download the latest version of the Mobile App to their device from the Play or App Store following a Mobile App release.

To check which version staff are using, this information is displayed in two places in the Mobile App as follows.

The first location is at the bottom of the Login screen where the Individual Username and Password are required e.g. 1.5.2:

If this is not the latest version as per the Release Notes, we suggest downloading the latest version first before logging in.

The second place the Mobile App version is displayed is on the 'Settings' tab in the 'About' section:

Return to Summary

Still need help? Contact Us Contact Us