All Users Passwords are stored in the system as encrypted text, unreadable even to our technical staff.
When you Create a New User they will be emailed a link to activate their access and create a password. The system Administrator can also send them a link to reset their password from their User record by clicking “send this user a password reset link”, or the User can reset this for themselves from the Settings tab or from the login page.
Note: The password reset link is only active for 30 minutes, so make sure your user is expecting it.
A password needs to have a minimum of 6 characters. To increase the strength of a password, we recommend it has at least 10 characters and includes upper and lower case letters, e.g. ‘H’ and ‘h’, numbers and special characters like ‘%’ and ‘&’.
A User can also change their password by going to Settings, entering their current password and then the new password. For Users who are not a system Administrator the Settings menu only displays the Change Password option.
A User can also request a new password by clicking the “Forgotten your password” link on the login page.
N.B. It is bad practice to send Users their password in an unencrypted email. If the Administrator needs to email the login details, they should instead click the “Send reset email to user” after creating the User.
Really Simple Systems’ Access to your CRM
If you need help from our Customer Support team you may be asked for permission for us to access your CRM to resolve an issue. In this case, we will do so using one of your User’s email addresses, but with our own password. The system log will record the login together with the name of the member of our team who accessed it.
Customers using the Enterprise plan have the option to set up the Single Sign-on feature through our integration with OneLogin. With Single Sign-on you have unified access across all your apps letting you login from the single portal. You can also use OneLogin to set up Multi-Factor Authentication for your users, increasing your security with policy-based access control that recognises individuals and not just a password.