User Security

Overview

Lead Liaison provides User Security tools to help keep your account safe. In addition to Security Profiles which limit User access, the system can track user logins, protect from brute force login attempts, prevent automated password resets, and protect accounts through session timeouts.

Login History

You can view all user login activity on your account. To access Login History, navigate to Setup > Users > Login History.

Data available includes:

  • Username
  • Login Time
  • IP address
  • Location
  • Browser
  • Status

Use the search option in the top-left corner to narrow your results by user and timeframe. By default the system shows all logins in the last seven days.

You can also separate successful and failed login attempts using the toggles in the top-right corner. We recommend occasionally checking for unusually high numbers of failed attempts.

Account Lockout

The system protects users from brute-force login attempts by locking out their account. If the system detects 5 unsuccessful login attempts for the same username within a 10-minute period, we will lock their account for 15 minutes. After 15 minutes, the user can try again.

Lead Liaison support cannot bypass the account lockout. After several unsuccessful attempts, we strongly recommend resetting your password.

Password Reset Anti-Automation

To prevent bots from attempting to gain access by resetting passwords, the system limits the number of password reset requests. If the system detects 5 password reset requests and the password is not successfully reset (or if the user attempts to enter an invalid password 5 times) within 10 minutes, we will lock the password reset function for that IP address for 15 minutes. 

Lead Liaison support cannot bypass the password reset lockout. Please contact support before this point. It is likely you might be using the wrong username, and they can help verify your credentials. 

Session Timeout

To avoid accounts being exposed at unattended workstations, Lead Liaison can automatically logs users out. System administrators can set how long the system waits before timing out. The system can wait between 15 minutes and 10 hours before timing out. To adjust Inactive Session Timeouts, navigate to Setup > Account > Settings and scroll down to the Account menu.