How is user access secured?

User access is secured through password‑protected, uniquely identified accounts plus role/module permissions, optional Single Sign‑On (SSO), configurable password/session policies (strong passwords, resets, timeouts), and administrative controls for module and data access (including PCI and GDPR controls).

Details:

• Unique, password‑protected user accounts (login ID = unique email). Administrators manage users and user types/permissions from the User Administration pages. User Information
• Role/type and account scoping control levels of access (different user types and account/sub‑account visibility). User Information
• Single Sign‑On (SSO) support (SAML2/OAuth2 etc.) that admins enable per account/event and choose where it applies (forms, Mobile, Speaker Portal). SSO Configuration
• Password and login options for the mobile Touchpoint app: attendee‑created, planner‑created, universal, and one‑time passwords; attendee passwords are strongly constrained (minimums and character requirements). One‑time passwords expire (15 minutes). Login Options (Touchpoint)
• Elevated/PCI‑sensitive controls: viewing full credit card numbers requires explicit per‑user permissions, PCI background checks, a 15‑minute session timeout for CC viewers, and a 90‑day password reset requirement (and account/module level toggles to remove CC access). Adding/Removing Full Credit Card Information Access
• Privacy and compliance: GDPR data‑subject request guidance is available for view/edit/delete requests. User Information (GDPR note)
• Administrative controls: admins can add/remove users, export user lists, send password emails, and enable/disable modules that affect data exposure. User Information and CC Access

Which area do you want to secure most: platform/admin accounts, attendee/mobile (Touchpoint) access, or payment/credit‑card access?