On Thursday September 29, 2023, we will be releasing platform v11.8.5 which introduces Enhanced Account Session Security! Please view our Release Notes.
This release includes enhanced security measures to restrict certain accounts groups from multiple sessions. Disabling the ‘Allow Multi-Session Login’ functionality (as shown below) allows administrators at World and National level to restrict accounts to single sessions, so they can't log into the platform multiple times at once.
Manager and Frontline Employee Restrictions
Occasionally, in your organization, you may have employees and managers share login credentials with other employees. This ultimately affects the training compliance for your organization, as employees have access to copying answers to questions in E-Learning. Restricting single login sessions for Managers and Frontline Employees prevents staff in these groups from sharing credentials with other staff. For other tips on preventing answers being copied, check out our 'Creating an E-Learning Module' article with features like Number of Retries Allowed and Randomized Answer Options.
Improved Security - Preventing Unauthorized Access
Helps prevent unauthorized users from gaining access to an account if the user's credentials are compromised. If a user is already logged in on one device and attempts to log in on another, the system can detect the conflict and take action.
Enhanced Privacy - Protect User Data
Users may access sensitive information through their accounts. By restricting concurrent sessions, you can help ensure that only one person has access to this data at a time.
Better User Experience - Prevent Session Conflicts
It prevents users from accidentally interfering with their own sessions. For example, if a user logs in from a different device without logging out from the first one, it can lead to session conflicts and confusion. By limiting concurrent sessions, you can provide a smoother user experience, as users won't encounter unexpected session disruptions or errors.
Some industries and regulatory bodies require session management controls as part of their security and compliance standards. Implementing these controls can help ensure your organization meets these requirements.
Allowing multiple sessions is enabled by default, so to increase session security on your platform for users, navigate to System → Account Groups to enable or disable this feature.
Should you have any questions about these changes, feel free to get in touch with our Support Team at email@example.com.