Security and Login
On this page you configure password and security settings including how long learners can stay logged in before Percipio automatically logs them out.
Access this page from the Settings menu and Site Configuration, then Security and Login.
Login instructions
Login instructions allows you to specify instructions to help your learners log in successfully.
Select Display login instructions and enter up to 255 characters of login instructions to display above login fields.
Security
Selected by default, this option prevents learners from entering any of their last five passwords when they reset their password.
Selected by default, this option shows learners their email address in a masked form when they request a password reset. Showing a masked email helps learners know what email address is associated with their Percipio user account and helps prevent calls to Support. This setting does not apply to users who use single sign-on to log into Percipio.
Selected by default, this option allows learners who do not have an email address in their Percipio user profile to specify security questions and answers. Percipio automatically prompts the user to specify questions and answers the second time they log in. Having questions and answers specified allows learners who forget their password to access their account without calling for support.
If you know your users will not add an email address to their profile, you can require that they specify questions and answers by selecting the option: Make security questions and answers collection mandatory.
If learners enter their email address on their Account Information page, the security questions are no longer used and learners are instead sent a Reset Password email.
For more information on how admin settings impact a learner's first login experience, refer to User Login Experience.
This setting is only available to organizations with a SAML integration. When selected, Percipio redirects users to your corporate login page instead of Percipio's login page, or for mobile users, it only shows the option to log in using corporate credentials.
Unselect this option if you want to give your users the option to select the corporate login page or the direct Percipio login option.
Login timeout
Enter the number of days your users can remain signed in until they are automatically signed out of Percipio and made to reenter their sign-in credentials.
Desktop users: applies to learners accessing Percipio from their desktop browser. This setting also applies to Percipio ELSA if you are using the corporate login (SAML) at your organization.
- Select Days, Hours, or Minutes from the drop-down.
-
Enter a numeric value between 30 minutes and the equivalent of 90 days. By default, desktop users remain signed in for 90 days.
- For Days, the value must be between 1 and 90.
- For Hours, the value must be between 1 and 2,160.
- For Minutes, the value must be between 30 and 129,600
Mobile users: applies to learners accessing Percipio from the mobile app. This setting also applies to Percipio ELSA if you are using Percipio login at your organization
- Select Days, Hours, or Minutes from the drop-down.
-
Enter a numeric value between 30 minutes and the equivalent of 90 days. By default Percipio mobile app users remain signed in for 30 days.
- For Days, the value must be between 1 and 90.
- For Hours, the value must be between 1 and 2,160.
- For Minutes, the value must be between 30 and 129,600
Login timeouts go into effect the next time your learner signs out of Percipio. When you change your timeout values, Skillsoft recommends you send a notification to your learners asking them to sign out of Percipio.
Multi-factor authentication via email
Multi-factor Authentication (MFA) is a secure authentication method that requires users to prove their identity by supplying two or more factors when they log in. MFA can only be used with Percipio login credentials, not single sign on configurations.
In addition to a user's login credentials, you can have users enter a 6-digit authentication code that they get to their email address that is saved in Percipio.
MFA is off by default. When MFA is on, it works for users logging into the web and the mobile app.
To turn on and configure MFA:
-
Select Enable Multi-factor Authentication (MFA) via email.
-
Choose if you want MFA to be on for just admin roles (site admins, learning admins, managers, content curators, content coordinators, and custom roles) or all users, including learners.
-
Choose if you want MFA to remember a user's device. If your users log into Percipio from shared devices, we suggest that you do not check this box.
-
Select Save changes.
The next time the user logs in they are prompted to enter their login credentials and then a 6-digit code that they receive in their email.
Frequently asked questions
Yes, if you have SAML enabled on your site. You must enable the Automatically redirect users to corporate sign-in screen setting.
Use the Prompt users without email on file to provide security questions and answers setting. This setting only applies to learners without an email address in their Percipio user profile.
If the user does not have an email associated with their Percipio user account and you have MFA turned on, Percipio prompts the user to enter an email address and then sends the code to that email address.