FAQ about User Management

The user can’t log in to the panel, what can I do?

The most common issues include users attempting to use the "forgot password" feature without prior registration and trying to register using an expired old link. Please note that users must register for the InOne panel using the most recent link sent to them. If needed, you can resend the invitation via InOne, and users must register using the latest link provided.

My user is locked, what should I do?

After a user enters a certain number (6 times) of wrong passwords, that user's account is blocked. This is a security precaution against cyber attacks. When the user is blocked, they cannot log in to the panel with their One-Time-Password or regular password. After waiting for 2 hours, the lock opens by itself and the user can use the "forget password" flow after 2 hours.

If the user is locked 3 times consecutively, the account will not be opened for security reasons. You should contact Insider team or create a support ticket.

Why does the user get passive?

If the user is passive, it means that the user has not registered to the system yet, or tried to register from an expired link. The solution is to send a new invitation mail to the user and make sure that they will register from the last registration email.

• Email invitations expire after 14 days for security reasons. If this period passes, the user cannot register with the previous invitation. Manage users can send a new invitation.
• Once you've sent the email to the user, the designated panel user must finalize the registration process. If the user fails to register, they won't be able to receive a "forgot password" email, and their account will remain inactive. It's impossible for someone to forget their password if they haven't registered in the system. To avoid errors, users must register using the latest valid invitation email.

Problems with Invitation

• If your panel admin does not receive an email, it might be because the email might fall into their spam folder. Your firewall might be blocking “http://useinsider.com” emails. You should add Insider's domain to the whitelist to avoid possible problems. 
• If you have previously deleted a user from the panel, they cannot access that panel, and their authorization is taken. However, the user is not deleted from the Insider system. When you add the same user through User Management again, the invitation mail will not be sent to the user because they already exist in the system; the role and the access will be added to the panel. The user can log in to InOne with their old password, or if they forget their password, they can set a new password with the "forgot password" flow and log in to their panel.

Problems with Two-factor Authentication (2FA)

• If the QR code does not appear in the 2FA setup, users might need to wait for a few seconds. As the code is sent by Google, its duration can vary based on the Google network
• In the 2FA setup, users can use Twilio's Authy tool instead of Google Authenticator. Twilio also allows users to access their codes on the computer when they lose or change their phones.
• We highly suggest users save their backup codes after 2FA setup, they can also log in with these backup codes if they have problems with 2FA authentication.
• If users need a new 2FA setup, their panel admin can reset their 2FA setup. Then, they can set up a new 2FA for their device. After you reset their 2FA, they should log out from the panel, log in again, and then set up their new 2FA. For further information, refer to How to Reset 2FA.
  Your title goes here

  You should consider that not having a 2FA makes you invulnerable to cyber-attacks, therefore ensure that the user's password is safe before you reset it.