Security Enhancements to the Collexo Institute Portal
Introduction
We are pleased to announce significant enhancements to the security of the Collexo Institute Portal. In our continuous effort to provide a secure and reliable user experience, we have introduced new measures that include Multi-Factor Authentication (MFA) and improved password reset capabilities.
Multi-Factor Authentication (MFA) Implementation
Multi-factor authentication (MFA) is a security process that requires users to provide two or more verification factors to access an account. MFA enhances protection by reducing the risk of unauthorized access.
Configurable for Institutes:
By default, MFA will be enabled for all institutes. MFA can be enabled/disabled via Security Config.
Navigation:
Manage Account →Business Account → General Settings → Security Config.
Note : Multi-Factor Authentication (MFA) is enabled by default to enhance the security of your account and data. However, if you choose to disable MFA, please note that Collexo will not be responsible for any data breaches, unauthorized access, or security incidents that may occur as a result of this action.
Flexible Authentication Options
Users have the option to choose authentication method as per their preference. The available authentication methods are as follows:-
- Email OTP: This is the default authentication method for all users. Users would be required to enter the OTP that they receive in their email address.
- Authenticator-based login: It uses an app (like Google Authenticator) to generate time-sensitive, one-time passcodes for secure access. Users need to enter the generated code to verify their identity. Here are the benefits of authenticator-based login:-
- Authenticator apps work even when your phone is offline i.e. codes can be generated without an internet connection.
- Unlike email-based OTPs, authenticator apps are based on something you have, i.e., your physical device, making them inherently more secure than something you know (like email credentials or passwords).
- Since codes are generated locally on your device and change every 30 seconds, they’re much harder for attackers to intercept or reuse.
Institute Portal Login Process:-
How to Set Up Authenticator
- Download an authenticator app from the Play Store or App Store (for example Google Authenticator, Microsoft Authenticator, Authy)
- Open the app and tap the “+” icon to add a new account.
You’ll see two options: - Scan a QR code
- Enter a setup key manually
- Go to your Collexo account → Click on your profile (top right) → My Profile → Security
- Turn on Login Using Authenticator toggle
- Scan the QR code shown on the screen using the authenticator app.
Once scanned, your account will be added automatically, and you’ll start seeing a 6-digit code. - If you can’t scan the QR code: Choose “Enter a setup key” in the app and fill in the following details:
- Account Name: Enter the email address you login with
- Setup Key (no spaces): Enter the setup key being shown
- Key Type: Select Time Based as the key type
- After adding the account, verify the 6-digit code shown in your app in the input box to complete the setup.
You're all set! Instead of entering in email OTPs, you can now login using authenticator codes which would be generated every 30 seconds on your device.
- Enhanced Security Measures: Appropriate rate limits have been implemented to prevent unauthorized access, further safeguarding user accounts.
Password Reset Links Enhancement
- Users with the appropriate permissions can now send password reset links directly from the Institute portal. This feature is designed to facilitate secure and efficient account recovery for our users.
How to send Password Reset Links:
Navigation: Menu → Admin Setting → Manage Users
- Head over to the Manage Users page.
- Click on the Action button against the user to whom you want to send the Password Reset Link to.
- Click on “Send Password Reset Link”
- An email containing the Password Reset Link would be sent to the user.
These updates reinforce our commitment to maintaining the highest standards of security and providing you with a robust, user-friendly experience on the Collexo Institute Portal.
Conclusion
The new security enhancements—Multi-Factor Authentication, flexible login options, and improved password reset features—strengthen protection for all Collexo Institute Portal users. These measures ensure safer access, reduce risks of unauthorized entry, and provide a more reliable, user-friendly experience.
Related Articles
Introducing Flexible Login Options for Your Applicant Portal
Overview We’re excited to announce a new feature on Collexo that puts your organization in control of how your applicants access their portal. You can now choose whether applicants log in using their email address or their mobile number, offering ...Data Masking on Collexo
Introduction In today’s data-sensitive world, it’s essential to ensure that your applicant’s Personally Identifiable Information (PII) such as email addresses, mobile numbers, personal identification details, and financial data is only visible to the ...Introducing Refunds on Collexo
Overview This feature would enable your organization to record and track refunds you have issued offline. It ensures transparency for applicants and keeps them informed through the following methods: Real-time notifications for issued refunds. ...Enhancements to Partial Payments
Overview Our recent updates now provide you with more options than ever when it comes to configuring partial payments for your fees. In addition to setting a minimum amount for partial payments, you can now define the exact percentages for each ...Scholarship & Concession on Collexo
Introduction This feature enables you to offer scholarships or concessions to your students/applicants. Students/applicants can apply for concessions/scholarships during fee payments, and once they apply a concession/scholarship to a fee, the total ...