Skip to main content
General Penelope Authentication Settings
Updated over 10 months ago

In this article:


Penelope Authentication is enabled by default. Review these steps to customize the Penelope Authentication options for your organization.

General Settings Reference

Authentication Type Settings

Choose authentication type

The authentication type you’d like to implement at your organization: Single Sign On (SSO) using your OAuth 2.0-compatible Identity Provider, built-in Penelope authentication, or both.

Default authentication

If you have chosen to use both Penelope and SSO accounts as available authentication types, you can choose which authentication type is the default option. The default authentication type appears as the default sign in option.

Login Settings

Setting

Description

Send alert message to

An option to select which Worker Category should receive Authentication alerts.

Passwords must be changed every X day(s)

The frequency (in days) in which Workers must change their passwords.

Lock user accounts after X days since last login

The maximum number of days that a Worker can go without logging in to Penelope prior to their account being automatically locked.

Enter 0 if you do not want to use this feature.

Maximum verification codes per user per day

The maximum number of verification codes that can be sent to a single Worker per day.

Maximum total verification codes per day

The maximum number of verification codes that can be sent to all Workers organization-wide per day.

Prompt user to confirm trusted devices every X months

The frequency in months in which each Worker must confirm the trusted devices they have set up for their user account.

Admin review of trusted emails

An option to require that a Worker with System Administration or Superuser privileges must review and approve a trusted email address.

Admin review of trusted phone numbers

The option to require that a Worker with System Administration or Superuser privileges must review and approve a trusted phone number.

Configuring General Penelope Authentication Settings

1. Navigate to User Setup > Security > Authentication and click Edit.

2. From the Authentication type setup drop-down, choose Use Penelope account only.

Penelope Authentication Edit screen

3. In the Login Settings section, complete the fields according to your agency’s preferences. Refer to the Login settings reference topic for details about specific fields.

4. Click Save.

Managing General Penelope Authentication Settings

Modify how often Workers are prompted to change their passwords

  1. Navigate to User Setup > Security > Authentication and click Edit.

  2. In the Login settings section, in the Passwords must be changed every X days field, type how often you want Workers to change their passwords in Penelope.

  3. Click Save.

Modify when a Worker’s account is automatically locked

  1. Navigate to User Setup > Security > Authentication and click Edit.

  2. In the Login settings section, in the Lock user accounts after X days since last login field, type how many days a Worker can go without accessing Penelope before their account is locked.

  3. Click Save.

Configure which Worker Category receives alerts for Authentication events

  1. Navigate to User Setup > Security > Authentication and click Edit.

  2. In the Send Alert Messages To drop-down list, select which Worker Category you would like to receive authentication alerts.

  3. Click Save.

Set the maximum number of verification codes

You can set the maximum number of verification codes that may be sent to individual Workers as well as agency-wide per day.

  1. Navigate to User Setup > Security > Authentication and click Edit.

  2. To set the maximum number of verification codes, in the Login settings section, complete the following fields: Maximum verification codes per user per day Maximum verification codes total per day

  3. Click Save.

Set how often users must confirm their Trusted Devices

To confirm a trusted device, users must review the current values for their email address or SMS phone number and confirm that they are correct.

  1. Navigate to User Setup > Security > Authentication and click Edit.

  2. In the Login settings section, in the Prompt user to confirm trusted devices every field, type how often (in months) that users must confirm their trusted devices.

  3. Click Save.

Require that admins review Trusted Devices

  1. Navigate to User Setup > Security > Authentication and click Edit.

  2. In the Login settings section, select which Trusted Device types you want admins to review2-Step email addresses2-Step phone numbers

  3. Click Save.

Did this answer your question?