Security Enhancements

Security enhancements for your Billiyo account.


Jump To:

Super Users
Non-Super Users
Settings
Unlock a User Account
FAQs


Super Users


When logging in via a computer, a prompt to update your password will appear. 

The new password must meet the following criteria, once criteria is met the red x that appears next to it will become a green checkmark:
  • Be at least 8 characters long
  • Contain 1 uppercase & 1 lowercase letter
  • Contain 1 number (0-9)
  • Contain 1 special character (!@#$%^&*)
  • Cannot contain your username
  • Cannot contain your first name
  • Cannot contain your last name



After filling out all fields, fulfilling the required criteria, click on the Change Password button. When a password is changed, an email will be sent to the email address on file notifying of the password update. 



Upon resetting your password, a prompt about enabling multi-factor authentication for your agency will appear. If you would like to use multi-factor authentication, click on the Yes, Enable! button. If you would not like to use this feature, click on the No button.

2FA is a security system that requires two separate, distinct forms of identification to log in. The first factor is a password and the second is a code sent via email/text.


If GLOBAL 2FA is enabled, an authorization code will be sent to the user's email that will need to be input on the following screen. After entering the authorization code, click on the Confirm button to log in.



If you're not seeing the password change or authorization code email in your email inbox, make sure to check any junk/spam folders for it.


Non-Super Users


When logging in via a computer, a prompt to update your password will appear.

This is only when logging in via computer, it will not appear in the Billiyo mobile apps currently.


The new password must meet the following criteria, once criteria is met the red x that appears next to it will become a green checkmark:

  • Be at least 8 characters long
  • Contain 1 uppercase & 1 lowercase letter
  • Contain 1 number (0-9)
  • Contain 1 special character (!@#$%^&*)
  • Cannot contain your username
  • Cannot contain your first name
  • Cannot contain your last name


After filling out all fields, fulfilling the required criteria, click on the Change Password button. A success message will appear and you will be prompted to sign in again.

When a password is changed, an email will be sent to the email address on file notifying of the password update. 



If GLOBAL 2FA has been enabled by your administrator, the following prompt will appear and a code will be sent to your email that will need to input to log in. Once the code has been input in to the field, click on the Confirm button to finish logging in.


If you're not seeing the password change or authorization code email in your inbox, make sure to check any junk/spam folders for it.


Settings

Super users can enable or disable 2FA. To do so, head to More > Company > Company Settings.


On the Company Settings page, click on the Configurations tab.


Then, click on the pencil icon to edit. On the screen that appears, you can toggle 2FA on or off. If the toggle shows YES and is slid to the right 2FA is enabled, if the toggle shows NO and is slid to the left 2FA is disabled. Make sure to click the Update button after making changes.


A non-super user, when clicking on their username at the top of the left menu, will be taken to a screen where they can edit the following: 

  • Email 
  • Current Phone Number
  • Two-Factor Authentication (2FA) Settings
  • Password
  • Email Notifications





Unlock a User Account


When a sign in attempt is not successful, the following screen will appear. 


If incorrect login information is input, an email notification will be sent if failed login email notification setting was checked.



After 5 failed sign in attempts, a user account will become locked. If this happens, both the user and super users will be notified that the account is locked. When an account is locked, resetting the account password will not work.

Super users can unlock the user account. To do so, head to More > User Account > View User Account.


Locate the user and click on the sign to the left of the employee's name.


Under the expanded options, click on the Unlock Account button to unlock the user's account.


FAQs

What if I'm not seeing an authorization code?

If you are not seeing the authorization code email in your inbox, make sure to check any junk/spam folders in case it was filtered there. 


What do I do if it's not accepting my authorization code?


When inputting the authorization code, we do recommend typing it out manually as copying could add extra spaces that would prevent a successful log in.

What do I do if I can't log in after updating my password?

After updating your password, if you're having trouble logging in make sure to click on the eye icon to the right of the password field to review what password appears. Keep in mind that some browsers may auto-fill information. If the new password was not saved in the browser after updating, it may auto-fill a previous password which would prevent a successful log in.

What if I'm seeing a message that says I don't have access when I log in?

Caregivers are only able to log in via the Billiyo for Caregiver App. So, if your user role is caregiver and you try logging in via computer you will see a message that states you do not have access to this page. 

Can I make it so I don't have to input an authorization code every time?

There will be an option for Trust this computer that can be clicked on the authorization screen. If your settings are configured to Once per computer: We will only ask for a verification code once every 30 days on trusted devices, you will only be asked to input in an authorization code on that device every 30 days.




Disclaimer: No real client or employee information was used.