Security is one of the top priorities for any software supplying company, so it is for Carerix as well. To make sure your data is safe for any unauthorized access multiple security measures on different levels are in place.
When it comes to user authorization Carerix offers a standard password authorization which applies to every single user. Additionally it is possible to add Multi Factor Authentication (MFA) which requires an additional confirmation from the user who tries to log in into Carerix.
Both the password and MFA policies from a user perspective will be explained below.
Changing a Password
Every single user has his/her own unique password and Carerix applies several policies to make sure the user account remains safe.
This means amongst others the following conditions for passwords apply:
Passwords are valid only for a limited amount of time. This period is configurable by system administrators only and applies to all users. The default period is 3 months.
A password consists of at least 12 characters
A password contains at least one CAPITAL character (ABC)
A password contains at least one lower case character (abc)
A password contains at least one special character (# $ % etc.)
A password contains at least one numerical digit (1 2 3 etc.)
To change the password users can change their password in the 'Account Security' menu available via the top right user menu.
Clicking the Account Security menu will open a new tab and show the options to change your pasword or to set up or change your MFA settings. To change the password click the 'Update' button at the end of the row:
You will now be redirected to the change password dialogue box which clearly indicates if your new to be set password meets all the requirements. If you have chosen a correct new password and have confirmed it you are ready to save it by clicking on 'Set the new password'-button!
Configure Multi Factor Authentication
Multi Factor Authentication is an additional security layer that optionally can be activated. By default it is an option on user level, however it is possible for administrators to force MFA setup for all users.
To use MFA a user needs a mobile device with any authenticator app. Most commonly used are those from Google and Microsoft:
Microsoft authenticator app for Apple
Once the app is installed one can start MFA configuration in Carerix. To do so, go to the Account Security menu again. Now choose for the 'Activate' button behind 'Multi Factor Authentication' which currently is 'Disabled'.
Now you will be redirected to the MFA setup dialogue. The dialogue box itself explains step by step what needs to be done to finish the setup.
After clicking the send button you will return to the main Account Security page. Here it is indicated that Multi Factor Authentication now is active. You can easily remove your set up device(s) which disabled MFA again. Do so by clicking the red bin icon. It is also possible to add another device by clicking the 'Add new' button.
Note: in case MFA is mandatory a user is forced to setup MFA during his/her first login attempt. Users cannot circumvent this.