In this article, you’ll learn about login security and the different methods supported in Teamtailor.
We also have an article about the login flow from the user's perspective, found here.
Teamtailor login credentials
When using Teamtailor login credentials, we have measures in place to help keep user information secure.
Secure passwords
After being invited to a Teamtailor account, each user needs to create their login and choose a password. To help keep their accounts safe, we recommend setting a strong, unique password.
These are our set password requirements:
At least 12 characters (numbers, letters, and special characters)
Not part of any known major security breach
Does not include name or email
Learn more about creating secure passwords here.
Verify device
To keep your accounts and data safe, all users need to verify their devices when logging in to Teamtailor. This is only required once per browser, which keeps the login experience smooth for future logins. This step verifies that the user logging in owns that email address, which enhances the security of your account.
When logging in to Teamtailor, you need to verify ownership of your email by entering a verification code sent to your email address.
Email verification will not be required if your company has set up Single Sign-On or Two-Factor Authentication.
Single Sign-On (SSO)
You can enable Single Sign-On (SSO) on your Teamtailor account, allowing users to log in using their existing corporate credentials.
Teamtailor supports SSO via SAML 2.0, an open standard for exchanging authentication and authorization information. Learn more about setting up SSO in our guide here.
Two-Factor Authentication
Two-Factor Authentication (2FA) increases security on your account by requiring you to input a one-time code generated by an app on your phone when signing in.
Examples of authenticator apps:
Set up 2FA for your company
As a Company Admin user, you will find the option to enforce Two-factor authentication for all users under Settings → Company → Security.
After 2FA is enabled, team members will see a banner when they log in, prompting them to set up authentication in their user profile.
Once 2FA is enforced, users must complete the setup to continue using their account. If a user tries to log in without setting up 2FA, they will be redirected to their user profile settings to complete the setup.
You can use the Two-factor authentication filter under the Employees tab if you want to know which users have enabled 2FA on their accounts.
Manage 2FA for individual users
Each user follows the setup in their user profile settings, which they can read more about here.
If a user experiences issues logging in with their 2FA, a Company Admin can manually disable it to allow them to set this up again. To do this:
Go to the Employees tab and open the user from the list.
Click Edit profile in the top right corner, open the Security section, and click Disable two-factor authentication.
Login sessions
To align with standard security practices, Teamtailor uses login sessions. A login session is the period during which the user is logged into our system before being required to log in again. During this time, the system recognizes the user and grants them access without having to log in again.
If you don’t manually log out, you will automatically be logged out if:
You haven’t visited Teamtailor in 26 hours, or
You've been continuously logged in for 10 days, in which case your session will expire 1 hour after your last activity.
This means you can stay logged in for up to 10 days, as long as you access Teamtailor at least once every 26 hours. After 10 days of continuous login, the session becomes stricter, and you'll be logged out after only 1 hour of inactivity.
If you prefer shorter login sessions for added security, we can easily adjust that for you. Reach out to our Support team via chat or through email at support@teamtailor.com.
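The two-phase session policy described above can be modelled as follows. This is an added example, not Teamtailor's code: the function names are hypothetical, and it assumes one reading of the policy, namely that a session already idle for more than 1 hour when the 10-day mark is reached ends at that mark.

```python
from datetime import datetime, timedelta, timezone

# Limits taken from the article's session policy.
IDLE_LIMIT = timedelta(hours=26)         # normal inactivity limit
STRICT_AFTER = timedelta(days=10)        # continuous login before the strict phase
STRICT_IDLE_LIMIT = timedelta(hours=1)   # inactivity limit in the strict phase


def session_expiry(logged_in_at, last_activity):
    """Instant at which the session stops being valid (assumed reading of the policy)."""
    if last_activity < logged_in_at:
        raise ValueError("last_activity is earlier than the login time")
    strict_from = logged_in_at + STRICT_AFTER
    # Before the 10-day mark only the 26-hour idle rule applies.
    normal_deadline = last_activity + IDLE_LIMIT
    # From the 10-day mark on, more than 1 hour of inactivity ends the session,
    # so a session already idle that long ends exactly at the mark.
    strict_deadline = max(strict_from, last_activity + STRICT_IDLE_LIMIT)
    return min(normal_deadline, strict_deadline)


def is_session_valid(logged_in_at, last_activity, now):
    return now < session_expiry(logged_in_at, last_activity)


def replay(logged_in_at, visits):
    """Replay visit times; return (accepted visits, forced-logout time or None)."""
    last, accepted = logged_in_at, []
    for visit in sorted(visits):
        if not is_session_valid(logged_in_at, last, visit):
            return accepted, session_expiry(logged_in_at, last)
        accepted.append(visit)
        last = visit
    return accepted, None


if __name__ == "__main__":
    # Constructed sample: daily visits, then activity around the 10-day mark.
    login = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    visits = [login + timedelta(days=d) for d in range(1, 10)]
    visits += [login + timedelta(days=9, hours=23, minutes=30),
               login + timedelta(days=10, minutes=20),
               login + timedelta(days=10, hours=2)]
    accepted, logged_out_at = replay(login, visits)
    print(len(accepted), "visits accepted; logged out at", logged_out_at)
```

In the constructed replay, the visit 2 hours after the 10-day mark is rejected because the previous activity was more than 1 hour earlier, even though it falls well inside the 26-hour limit that applied before.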





