IMPORTANT NEWS REGARDING:
USER LOGIN SECURITY CHANGES
The security of our clients and employees information is very important to us! In an effort to maintain the highest level of protection possible; Maxx-Time will be implementing changes for all users logging into our platform.
The changes are as follows:
- Enhanced password standards – Beginning Wednesday, July 8, 2015 the system will require all users to create a new password. The password must contain a minimum of 8 characters and include at least one uppercase letter, one lowercase letter, one number and one symbol. Users will also be prompted to change their password every 90 days. On the next login, the system will prompt the user for a new password, requiring that they enter passwords that meet the new standards.
- Multi-factor Authentication – Beginning Wednesday, July 8, 2015 the system will also require Multi-factor authentication. Currently the system requires a user name and password to access the system. Multi-factor authentication adds an additional level of security, by requiring the user to also enter a randomly generated 6 digit code. This 6 digit code can be sent to the user via email, mobile text message, or a phone call.
Beginning Wednesday, July 8, 2015, the following will occur when you attempt to login:
- The user will be prompted to register for Maxx-Time Multi-Factor Authentication code.
- The system will access the phone number and email address on file, and ask the user to select which phone number or email address should be used for communication.
- The next time the user logs in, they will select the method for delivery (email, text message, or phone call) and the system will generate a random 6 digit code and send it to them.
- After entering the code, the system will validate the number, and grant access to the application.
- The user will have the option to “remember” the computer they are using and forgo the verification process in the future.
Important notes regarding Multi-factor Authentication:
- A company email address will be required for sending authentication codes. This can be entered on the Company Set Up Page. The email is stored on the Company Info tab under Company Addresses.
- If the user does not have an email address or phone number stored in the system, they will be prompted to provide them when they login. To minimize disruption, we recommend you run an Employee Roster report to validate every employee has at least one phone number or email address stored in their profile.
- Multi-factor authentication is not required when using Web Clock and/or any time clock device