Version 5.0 of Single Sign-On implements significant changes to the underpinnings of the SSO application. Many of these changes are not readily apparent to employees or administrators but are essentials precursors to the next major enhancement to Single Sign-On, general availability of Two-Factor Authentication (2FA).
Enhanced the employee’s Status tab used by SSO administrators to include several new fields:
- Position ID Number (PIN)
- Work Phone Number
In addition, the Employee’s Administrators and Employee Menu Items boxes were moved to a new Admins/Menus tab.
Re-designed SSO’s log on and account validation processes to support multiple flexible scenarios, including Two-Factor Authentication.
Added a system process that requires the administrators SSO and related applications who work in targeted system members or departments to use Two-Factor Authentication. Note that the initial group of users targeted by this process will be small at first, then gradually expand to general availability of this feature.
Implemented Duo Two-Factor Authentication for users who are required or opt to use 2FA. Allow employees to opt-in if not already required.
Allow administrators to force employees to use Two-Factor and manage their 2FA devices using the employee’s Status tab.
Fixed a problem in which a “password changed” email was being sent to users who tried to change their password but entered a new password that was already on file and therefore invalid.
Fixed a problem in which an IP address mismatch was reported for a user in a blocked country with an expired password.