Slate Login Notifications and Checkpoints

Slate employs login checkpoints for administrative users as part of a comprehensive security strategy to identify suspicious unauthorized activity and behavior.

Checkpoint Trigger Conditions

These checkpoints are triggered when a user attempts to log in under the following conditions:

  • The login attempt is from outside their home country
  • The user has not logged in from this IP/country in the last 30 days
  • The user is using an unrecognized device
  • The user does not have an event, interview, or trip stop in the login country within +/- 7 days

A user may also trigger a checkpoint if they attempt to log in using a commercial/non-university VPN or anonymizing service, which will require a security administrator to release.

We believe that these checkpoints will present no major obstacles for users traveling abroad. For users that reside outside of the organization's home country, you can edit the user account to set a new home country for which checkpoints will not be required, irrespective of idle time or activity.

Checkpoint Trigger Notifications

When a checkpoint is triggered, an email notification will be sent to the email address on record for the user, with a link to allow or deny the login. A separate notification will be sent to all security administrators for the database. See below for examples of these messages.

  • Allow Login - If the user allows the login, they may proceed as normal. There will be no additional verifications for that user when they log in from that country, so long as their access in that country does not idle for more than 30 days.
  • Deny Login & Communication - If the user denies the login as unauthorized, an additional, high priority email will be sent to the user and all security administrators for the database reporting the unauthorized login attempt.
  • Ongoing Notifications - Once a login notification has been triggered, login notifications will also be generated for login attempts from the home country until login is allowed again.

Login Checkpoint

When a user requires checkpoint authorization, they will receive a message when attempting to log in.

1.png

Login Notification

As the message indicates, an email is sent to the email address on record for the user with an authorization link.

Login Checkpoint Upon Receiving Login Notification

Upon clicking the link, the user will be directed to allow or deny and report.

If the user allows the access, they will proceed with authentication.  If the user denies access, a separate email will be sent to the security administrators, with high priority, indicating that the user's account may be compromised.

Was this article helpful?
8 out of 10 found this helpful

Comments

0 comments

Please sign in to leave a comment.