Profile and sign-in protection guide

Account & Security Documentation

This public guide explains what the module does, who uses it, the main records involved, and how work moves from setup through daily execution, controls, and reporting.

1. Purpose and users

Account and Security is the personal workspace each signed-in user uses to maintain their own profile and sign-in protection. It is used by all system users, regardless of department.

This area is not a business department module. It exists so users can keep their own name, email, password, two-factor authentication, and account state under control.

2. Profile information

The profile page lets a user review and update personal account details such as name and email. If an email change requires verification, the system keeps that verification state separate from normal module access.

Users should keep their profile information current because the system uses the account identity in audit logs, approvals, uploads, finance entries, trip actions, HR actions, and other controlled workflows.

3. Password changes

Users can update their password from the profile workspace. The system validates the current password before accepting the change, which protects the account if someone else gains access to an unlocked session.

A good password change workflow is to confirm the current password, enter a strong new password, save the change, and then use the new password at the next sign-in.

4. Two-factor authentication

The system supports two-factor authentication from the profile area. Users can enable two-factor protection, confirm it with the authenticator code, regenerate recovery codes, and disable it when permitted.

Two-factor authentication adds a second proof during sign-in. This is important for users with access to finance, HR, stock, approvals, system administration, and other sensitive areas.

5. Recovery codes

Recovery codes are backup codes for regaining access when the authenticator device is unavailable. Users should regenerate codes if they believe the old codes were exposed or already used.

Recovery codes should be stored securely outside the ERP. They should not be pasted into comments, documents, tickets, or shared messages.
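
The recovery-code behavior described in this section (a used code stops working, and regenerating replaces every older code) can be sketched as follows. This is an added example, not the ERP's own code: the class name, the number of codes, the code format, and the choice to store only SHA-256 digests are all assumptions.

```python
import hashlib
import hmac
import secrets

CODE_COUNT = 8  # assumption: the guide does not say how many codes are issued


def _digest(code: str) -> str:
    # Store only a digest so a leaked table cannot be replayed as codes.
    # The codes are long random values, so a fast hash is acceptable here.
    return hashlib.sha256(code.strip().lower().encode()).hexdigest()


class RecoveryCodes:
    """Hypothetical per-user recovery-code store."""

    def __init__(self):
        self._hashes = set()

    def regenerate(self):
        """Invalidate all existing codes and return new plaintext codes once."""
        codes = [f"{secrets.token_hex(5)}-{secrets.token_hex(5)}"
                 for _ in range(CODE_COUNT)]
        self._hashes = {_digest(c) for c in codes}
        return codes

    def redeem(self, submitted: str) -> bool:
        """Accept a code at most once, comparing digests in constant time."""
        candidate = _digest(submitted)
        match = None
        for stored in self._hashes:
            if hmac.compare_digest(stored, candidate):
                match = stored
        if match is None:
            return False
        self._hashes.discard(match)  # single use: a redeemed code is removed
        return True

    def remaining(self) -> int:
        return len(self._hashes)


def demo():
    store = RecoveryCodes()
    first = store.regenerate()
    used = store.redeem(first[0])       # first use succeeds
    replay = store.redeem(first[0])     # second use of the same code fails
    store.regenerate()                  # user suspects exposure
    stale = store.redeem(first[1])      # old, unused code no longer works
    return used, replay, stale, store.remaining()
```

Because only digests are kept, the plaintext codes exist solely in the value returned by regenerate(), which is why they have to be shown to the user once and stored outside the system.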

6. Account deletion

The profile workspace can include account deletion controls. Deleting an account is sensitive because audit history and business records may still reference the user who performed actions.

Organizations should normally disable or restrict account deletion for production users and use deactivation through administration when the account must no longer sign in but history must remain traceable.

7. Daily use from start to finish

A normal account security workflow consists of confirming profile details, changing the password when needed, enabling or confirming two-factor authentication, storing recovery codes safely, and signing out of shared devices.

The best habit is simple: keep your account accurate, protect your password, use two-factor authentication where required, and remember that every controlled business action is linked back to your user identity.