All Users Passwords are stored in the system as encrypted text, unreadable even to our technical staff.
When you Create a New User they will be emailed a link to activate their access and create a password. The system Administrator can also send them a link to reset their password from their User record by clicking “create a password reset link”, this generates a link that is displayed in green at the top of the screen which can be forward to the user or actioned by the Administrator.
Note: The password reset link is only active for 30 minutes, so make sure your user is expecting it.
A password needs to have a minimum of 8 characters. To increase the strength of a password, we recommend it has at least 10 characters and includes upper and lower case letters, e.g. ‘H’ and ‘h’, numbers and special characters like ‘%’ and ‘&’.
A User can change their password by going to Settings / User Settings, then entering their current password and then a new password. For Users who are not a system Administrator the User Settings menu only displays the Change Password option.
A User can also request to reset their password by clicking the “Forgotten your password” link on the login page.
N.B. It is bad practice to send Users their password in an unencrypted email. If the Administrator needs to email the login details, they should instead click the “Create a password reset link” after creating the User.
SpotlerCRM Access to your CRM
If you need help from our Customer Support team you may be asked for permission for us to access your CRM to resolve an issue. In this case, we will do so using one of your User’s email addresses, but with our own password. The system log will record the login together with the name of the member of our team who accessed it.
Single Sign-on
Customers using the Enterprise plan have the option to set up the Single Sign-on feature through our integration with OneLogin. With Single Sign-on you have unified access across all your apps letting you login from the single portal. You can also use OneLogin to set up Multi-Factor Authentication for your users, increasing your security with policy-based access control that recognises individuals and not just a password.