User account

Create a user account and set up

To create an account, you only need an email address. After confirming the email, the account will be created. In the future, all notifications from the system will be sent to the user's email address.

The system supports the registration of a user account using a Google account.

User = employee of the company

In the company account, the administrator or owner of the company adds an employee and specifies his or her details: surname, name, etc., assigns him or her to a position and specifies an email address to which the system should send an invitation letter. This email indicates who is inviting the user and to which company. Clicking on the link in the email confirms that the email is correct and that the employee has accepted the invitation.

When the user clicks on the link in the email, a user-employee relationship is created. The user becomes an employee of the company and gets access to the data of their position in the company.

Once such a connection is established, no one can break it to give another user the right to act on behalf of the employee. This ensures that no one other than the employee can perform actions in the company on their behalf and protects company data from the risk of falsification of actions of company employees by any of the company administrators.

The company administrator can block an employee or terminate his/her appointment to a position in the company, thus depriving him/her of access to the company, but he/she cannot influence the user's settings. This means that the user and their access to other companies will remain valid and will not be affected in any way.

Only the user is responsible for creating and deleting an account, managing his/her login and password, and other actions in relation to his/her account. Therefore, they are responsible to the Company for compliance with the security rules in their account.

Read about the logic of Schrift: “Company - Position - Appointment - Employee - User” in the article Company Administration.

To further mitigate the risk of unauthorised access to company data at the employee level, the company can enable employee identification by QES/AES and a requirement for activated two-factor authentication.

User account security

Strong passwords. Schrift follows the best practices for user passwords, never storing passwords in their original form, but only in a transformed, secure form using one-way hashing with ”salt”.

Device identification. The device that is used to log in is identified by the system. When accessing from a new device, a notification is sent to the user's email with detailed connection information. A list of all devices from which the user has connected and managed is available in the user's account.

The system allows you to view and manage the list of devices from which you have logged in. You can track the entire history of connections for each device from which you have logged in.

We are always in communication with you. We instantly notify the user by email of all important actions regarding their account: a password reset request, an attempt to guess a password, an attempt to change the email (login), and account deletion.

Protection against password guessing. If you enter an incorrect password more than 5 times, your account is blocked for 5 minutes and you receive a notification about it via email. Moreover, the system reacts in the same way to a password guessing attempt, regardless of whether the email address is a real account or not. In other words, an attacker cannot get information about whether there is a real account behind the email or not.

We recommend enabling two-factor authentication to ensure that the user's account can be accessed by the owner only. The user can control the list of devices that do not require 2FA. Learn more about two-factor authentication.

To reduce the risk of vulnerability to your account, we recommend that you beware of phishing and other social engineering attacks and monitor who has physical access to your devices.

Save authorisation in the browser

If a user is regularly active in the system, their authorisation in the browser where they were already authorised is saved, and they do not need to enter their password every time they open a new link or tab.

The system saves authorisation only in the browser in which the user has already been authorised and until the “Logout” action is performed.

Saving authorisation after closing all browser tabs will not be ensured if the authorisation was performed in Incognito mode.

Interface language and timezone

The system supports several languages for operation and their number will increase. The user can change the language of the system interface to any of the available languages. The user can also set the time zone so that the time in the system interface corresponds to the specified time zone.

The system interface will be displayed in the language specified in the user's account. Data entered into the system by users, such as object text fields, employee names, etc., remain in their original form.

Adding and changing a photo on your avatar

The avatar from the user's account will be displayed in the interface of all companies to which the user, as an employee, has access.

You can change or delete the photo on your avatar at any time.

Change login (email)

You can change your email (login) at any time. To change your email, you need to confirm your password. The change will take place only after clicking on the confirmation link that will be sent to the new email. A notification email will also be sent to the current email about the change of email.

Sometimes a situation arises when a user accidentally or by mistake creates a second account in the Schrift using his second email, and then wants to replace the email in his first account with the email from the 2nd (actually unnecessary) account.

The system supports such an action. To do this, you need to log in to the 2nd account and mark it for deletion. After that, you will be able to use the email from the 2nd account as a login for the 1st account.

Change or reset your password

To change your password, enter your current password, then the new password, and save. If you are logged in but have forgotten your password and want to reset it, in your account settings, click Change password and follow the steps to reset it.

To recover your account password if you have not logged in, go to the login page and click Reset password?

To change your password, you will need access to your account email.

If the user has logged into the system only with a Google or Apple account, that is, they have not created a password for authorisation by email and password. You can create a password using the Reset password action (password recovery). After that, click on the corresponding link from the email sent to the user's email from the system and come up with a password for the account.

Switch between companies

The user can create many companies (up to 5 free ones), as well as have access to many other companies.

You can switch between companies in which the user is an employee from the list of companies from the interface of one of the companies or from the user's account.

Delete user account

User can delete his/her account at any time.

If the user is the sole owner of any company that also employs other users, the system will ask you to transfer the owner role to another position or delete the company before deleting the user's account.

After the account has been deleted, the user has another 2 weeks to restore it if the deletion was made by mistake or the user changed their mind. To restore an account during this period, it is enough to log in again. After the final deletion, it will be impossible to restore the account.