Your ControlUp Insights is now even more secure. We've improved the login by adding one-time passcode (OTP) verification, providing increased security for all your ControlUp users.
You benefit from using one-time passcodes because:
- OTPs are less vulnerable than user-generated passwords to hacker’s replay attacks. Potential hackers may be able to record an OTP that was used to log into ControlUp Insights but they will not be able to use it, since it’s valid only once.
- A user who uses the same or similar password for multiple logins is more vulnerable on all of them if the password for one of these is stolen by a hacker. With system-generated OTPs, the passcode is valid for only ControlUp Insights and only once.
To access Insights, enter the email address you use as your ControlUp user ID. A one-time passcode is sent to that email address, which is entered during login. The Remember Me option enables you to stay logged in for 30 days without having to enter your user ID or another passcode.
Keep in Mind
A few things to remember when accessing Insights:
- This new login flow applies to all users accessing Insights.
- The Remember Me feature is optional and valid for 30 days. That time period can’t be adjusted.
- If Remember Me is enabled, when accessing Insights, users jump right into the app and don't have to enter a user ID or passcode.
- The Remember Me option enables immediate login for the same user using the same browser.
- If Remember Me is not enabled and the user’s login session ends, each time a login is attempted, an OTP is sent to the user’s email and must be entered to log in.
- If a user leaves an organization, just like with the old login flow, that user’s access can be removed in the ControlUp Console from ControlUp Insights > User Permissions list of users that can access Insights.
- If a session times out due to inactivity, the web client is disconnected from the backend server and a landing page opens where users can select to go back to the login page.