At Learned we take the security of your data and the method of logging in very seriously. As an Admin, you can manage certain settings for this in the Company settings. You can reach this page to click on your profile picture (bottom left).
You can choose from the following security options for logging in:
Multi-Factor Authentication (MFA): if you do not work with a Single Sign-On (SSO) option, you can choose to use MFA so that your employees can log in with a security code from an extra device.
Single Sign-On (SSO): Learned offers SSO options for Google and Microsoft Azure AD. With SSO, a Learned account is created linked to the Google / Azure AD login details. So no separate username and password is required. The management of all usernames and passwords therefore only includes the Google / Azure AD accounts and this lies with the system administrator of your organisation.
Multi-Factor Authentication
As an Admin it is possible to make logging in via MFA mandatory for all employees. Go to the Company settings page by clicking on your profile picture (bottom left). Scroll to the Multi-factor Authentication section.
MFA means that in addition to logging in with your email address and password, an additional code is requested. This code is sent to a so-called authenticator app, such as those from Google or Microsoft. Employees can download this app themselves and start using it.
Login methods with Single Sign-On
You can also set standard login methods with SSO on the Company settings page. A standard login method means that you require employees to register and log in with that SSO functionality. So you have a choice of Google SSO and Azure AD SSO.
You have the following 2 options for settings in Learned:
Define a default SSO login method for all users.
Set exceptions in SSO login method for certain users.
Important: Note the following when working with standard login methods:
If you set a default login method for all users, you must give an exception to users who have not registered with that SSO option. Otherwise, these users will no longer be able to log in with their email address and password.
If you define a default login method for all users, these users cannot register with their email address and a self-chosen password. One must use the SSO button.