timeout
We opened the new portal to our Board for evaluation, and we received a complaint that there was no timeout for the portal. The user had left their PC after logging in and found it was still connected to the portal a couple hours later. A timeout is a standard feature for financial websites. We benchmark against Fidelity, for example, and they have this feature.
This idea was submitted long ago and only got 4 votes, so it was closed by Holly. I'm proposing to re-open it and once again gauge its importance.
3/12/2025: Login: We have implemented an update to the portal login process to enhance security and provide more controlled access based on profile designations. This change significantly improves security by limiting who can log in with an email and controlling which profiles are visible to the user. The enhanced login flow helps ensure that users only access profiles relevant to their designated roles. The email login method is now limited to profiles that have a designation enabled for portal access. If the email entered is not associated with any profile, no pin will be sent to the user. If the primary email on the profile does not have a designation enabled for the portal, the profile will be directed to the “Enter your PIN” page. The messaging will clarify that "If we have the email in our system, we will send you a pin." Logins will expire after 1 day following the same process as a logged-in user. If a user has a username and password set up, they will no longer be able to log in with just the email, as long as there is a profile designation. If a profile has a user designation, email login will not send a pin.
Users with a username and password can still log in normally. If the profile has no designations, the user will be directed to their own profile page and will not be able to see other profiles.
Portal-Profile: The profiles shown on the profile selection page are now determined by the designation linked to the email used for login. If a user logs in with an email associated with a profile that has a designation (e.g., Fund Advisor), only profiles with the same primary email and corresponding enabled designations will be displayed.
This change ensures that users can only view profiles with designations that are enabled on the portal.