Login methods and their processes

The Agile.Now platform provides a variety of login methods designed to meet different security needs and user preferences. Each method has its process, offering flexibility and security to both users and administrators. Here’s an overview of each login method and how they work:

Standard Password Login

The standard login method uses a username and password. It's the most basic form of authentication and involves the following steps:

• Users are presented with fields to enter their username and password.
• To prevent brute force attacks, the system may block an IP address after a certain number of failed login attempts.
• The system may also disable a user account after several failed login attempts, requiring reactivation through the "Account" section.

User Password Change (Reset, Change, and Forgot)

Users have the capability to manage their passwords through various processes:

• Password Reset: Users can request a new password through a self-service portal, which may involve verification via email or SMS.
• Change Password: After logging in, users can opt to change their password, subject to the system’s password policies.
• Forgot Password: This option allows users to initiate a password recovery process, which includes validation through a verification code sent by email or SMS.

One-Time Password (OTP)

The OTP method enhances security by requiring a code sent to the user's email or phone:

• Users are prompted to enter an email or phone number upon login.
• A verification code is then sent to the user's chosen method of contact.
• The user must enter this code to complete the authentication process.

Multi-Factor Authentication (MFA)

MFA adds an additional layer of security:

• Users first login with their standard credentials.
• Following this, a verification code is sent via the selected method (email, SMS, or authenticator app).
• The user must provide this additional code to gain access to their account.

Single Sign-On (SSO)

SSO allows users to access multiple applications with one set of credentials:

• The system supports SSO according to the OpenID standard.
• Users log in once through a central provider and can access all linked applications without needing to re-enter credentials.

Security Settings Associated with Login Methods

The Agile.Now platform includes several security features, such as:

• Brute Force Protection: Blocking access after excessive failed login attempts.
• Account Lockouts: Disabling accounts after repeated incorrect password entries.
• Password Expiration: Forcing a password change after a certain period.

Conclusion

The Agile.Now platform's login methods cater to various user needs, from convenience to high security. Admins can configure these methods to protect their systems while ensuring users have a straightforward access experience. The choice of login method will depend on the specific security requirements of the organization and its users.