User Authentication

Posted by BAS - 22 April, 2021

header-picture

All users of MyEnroll360 are subject to an interactive logon process to authenticate and control their application access. Regardless of a user’s MyEnroll360 roles and responsibilities, all users are required to enter their login credentials in the form of a User Name and Password.

MyEnroll360 will lock a user’s account and prevent further logins when the user attempts to login 5 consecutive times with a known User Name and incorrect Password. Users must wait 15-minutes for their accounts to unlock.

Upon a user entering MyEnroll360 login credentials, the system verifies their access by evaluating several properties associated with their login credentials e.g., account not locked, account active, etc. Upon a successfully verification, the user is presented with a privacy statement. If the user accepts the privacy statement, then the user is permitted into the system and is provided a session. The session is a system-monitored process that includes tracking key properties associated with the user’s login, roles, access rights, data access, page access and other vital properties.

All users’ sessions are subject to an inactivity timer that tracks the length of time each user is logged in to the system (i.e., user has an active session but has been inactive e.g., no mouse movements or keyboard entries). The system is setup with a Maximum Period of Inactivity for each user type (e.g., administrator, employee). If a user’s inactive period equals the user’s user type Maximum Period of Inactivity the system will terminate the user’s session.

This user authentication process ensures security of the session.

Topics: MyEnroll360 Security, BAS News, MyEnroll360, MyEnroll360 News


Recent Posts

Question of the Week - Mid-Year Enrollment for Health Coverage

read more

OCR Reports to Congress on HIPAA Compliance and Breaches of Unsecured Protected Health Information

read more

Find your QELs in MyEnroll360

read more