DEAR Inventory offers several features to maintain and enhance the security of your account.
- Periodic password change
- User Profile page
- 2-step authentication
- Account locks for multiple incorrect login attempts
Periodic password change
Users in your organisation can be forced to change their passwords at regular intervals. Set the password change frequency in General Settings → Security. Password change frequency can be set to Never (default), every month, every 3 months, every 6 months, every year.
The date of the next password change is calculated from when the password was first set, not from when the password change frequency feature was activated.
NOTE: Passwords in DEAR must follow these rules to be valid:
- Use 8 or more characters
- Must include upper and lower case characters (e.g. Aa)
- Must include a number (1234)
- Must include a symbol ($%&?)
- Must not be the same as the last 10 previous passwords.
User Profile page
The User Profile page allows you to manage your account settings – set up a personal name for the DEAR account, set up 2-step authentication and view recent login attempts. It can be accessed from your Account menu.
The User Login History grid shows the 10 most recent login actions; this should be regularly checked for any unusual logins or suspicious account activity.
2-step authentication adds an extra layer of security to your user account or to an organisation account.
2-step authentication can be enabled at the user account level through the User Profile page. If 2-step is enabled at the user account level, every login to a different organisation under this user account will need to be authenticated.
Administrators for an organisation can enable 2-step authentication at the organisation level by going to Settings → General Settings → Security. If 2-step authentication is enabled at the organisation level, all users logging in to the organisation will need to be authenticated. Users will be able to select "Remember me for 30 days" when logging in with authentication.
NOTE: If your DEAR organisation is integrated with QBO, 2-step authentication must be disabled for the DEAR organisation and all accounts within that organisation.
To enable 2-step authentication:
- Enable 2-step authentication on your DEAR account.
- Download the Google Authenticator app for your home and click Begin.
- Scan the barcode or manually enter the code provided.
- The Google Authenticator App will provide a 6-digit code to enter into DEAR. When you have access to the Google Authenticator app, this is the fastest way to verify your account.
- Next, set up alternative forms of authentication for when you do not have access to the app.
- Email: Add an alternative email address to authenticate your account. A code will be sent to the alternative email address to confirm.
- Security questions: Add three security questions and answers to your account. The security questions are not case sensitive.
NOTE: Users in China will not be able to access the Google Authenticator app. We recommend another 2FA app, such as 2FA Authenticator (2FAS) in this scenario.
If you are unable to log in via the Google Authenticator app or via using your security questions, you can have the account owner for your organisation email DEAR Support and request for the 2FA to be disabled on your login. Please make sure the account owner states your login email on the request. DEAR only honours requests like this from account owners for security reasons.
Account locks for multiple incorrect login attempts
DEAR locks out user accounts after five (5) failed incorrect password attempts. If you forget your password, click the Forgot your password link on the DEAR Inventory Login page to get a new one. If you still fail to log on to DEAR Inventory after changing your password, contact the DEAR Support Team at firstname.lastname@example.org.