Authentication Methods
Introduction
As an administrator, you can configure multiple sign-in methods for your users. Holistics supports:
You can enable or disable these methods based on your organization's security requirements.
Login Methods
Password-based Authentication
This method allows your users to authenticate using an email-password pair. When enabled, users will see the Sign in with Email option on the Sign In page.
Password Requirements: To maintain account security, you can enforce these password requirements:
- Minimum 8 characters
- Combination of lowercase and uppercase letters
- At least 1 number
- Cannot contain company name or email address
- Must not be too weak
Google Sign-In
You can enable Google Sign-In to allow your users to authenticate using their Google accounts. When enabled, users will see the Sign In with Google option, which opens a pop-up for Google credentials.
Single Sign On (SSO)
This feature is only available in Enterprise plan.
You can implement SSO to provide a secure, streamlined authentication process for your organization. For detailed configuration steps, visit SSO Authentication.
Configure Login Methods
You can control which authentication methods are available to your users:
- Navigate to Settings > General Settings > Security > Login Mechanism
- Select the allowed login methods from the dropdown box.
Two-Factor Authentication (2FA)
You can enable 2FA for password-based authentication. For SSO and Google authentication, 2FA settings are managed through their respective identity providers.
For more details, see Two-factor Authentication.
FAQs
Can users have multiple active sessions?
A: Yes, users can maintain multiple active sessions simultaneously without restrictions.
What is the session timeout policy?
A: For security purposes, sessions automatically timeout after 30 minutes of inactivity. Users will be logged out after this period. Consider informing your users to save their work or refresh their session during extended periods of inactivity to prevent data loss.