Authentication by OpenAir

OpenAir can authenticate users attempting to connect to the application, by using information stored in the OpenAir database itself. This is the default authentication mechanism for new accounts. Each user must be given a user name with an associated password as well as the Company ID for the OpenAir account. The user must provide this company ID, user name and password when attempting to access or connect to the application. This process prevents unauthorized use of the application, because the access or connection will be denied if the user provides an incorrect password. OpenAir stores user passwords in a hashed format and applies restrictions to prevent unauthorized alteration. Users can change their own passwords at any time.

OpenAir authentication includes the following features:

• Password Encryption

• Minimum Password Policy Requirements

• Password Options

• Two-Factor Authentication (Help topic under Administrator Guide)

• Employee Lockout (Help topic under Administrator Guide)

• Session Timeout (Help topic under Administrator Guide)

• IP Restriction