Skip to main content

User Security

User Security ensures that all users access the system safely and responsibly. PrismERP provides multiple layers of protection to safeguard user accounts, prevent unauthorized access, and maintain data integrity.

Strong Credentials

  • Users must create secure passwords containing letters, numbers, and special characters.

  • Passwords should not be shared or reused across different accounts.

  • The system may enforce a minimum length and complexity policy.

Two-Factor Authentication (2FA)

Enhances account security by requiring an additional verification step after entering the password.

2FA via Google Authenticator

  • Download and install Google Authenticator on your mobile device.

  • Scan the QR code shown in PrismERP under User Security Settings.

  • Enter the 6-digit code from the app to complete login.

2FA via Email

  • After entering your password, a verification code is sent to your registered email.

  • Enter the code in the login screen to proceed.

2FA via SMS

  • After password entry, a one-time code (OTP) is sent to your registered mobile number.

  • Enter the OTP to confirm login.

IP Restriction

  • Admins can restrict login access based on specific IP addresses or ranges.

  • Users can only log in from approved networks or locations for security.

Branch Data Control

  • Users can be assigned to specific branches or business units.

  • Access and data visibility are limited to the assigned branch(es).

Time Restriction

  • Admins can define allowed login hours or duration for each user.

  • Logins outside the permitted time window will be blocked automatically.

Password Expiry

  • Passwords automatically expire after a set duration (e.g., 60 or 90 days).

  • Users are prompted to create a new password upon expiry to maintain security.

Idle Timeout

  • The system will automatically log out users after a period of inactivity.

  • To continue, users must log in again for security reasons.