Signing In & Out
Security Measures
For user accounts managed by symplr Contract, the following password policies are enforced:
Passwords must contain at least one uppercase character, one lowercase character, and at least one digit.
Passwords must be at least eight characters long.
Passwords expire after 90 days and then must be changed.
New passwords are checked against a history of the user’s last six passwords.
Brute force prevention mechanisms are in place. These mechanisms include:
Automatic lockout after five failures, with a 10-minute wait.
A quick sign-in check of 1000 ms with a minimum one-minute wait.
Upon the fifth consecutive incorrect sign-in attempt, a user account will be locked for 10 minutes.
For most organizations using SSO (single sign-on), the system times out (auto sign-out) after two hours of inactivity.
For non-SSO organizations, the system times out (auto sign-out) after 30 minutes of inactivity.
How to Sign In
If your organization uses SSO (single sign-on), your sign-in process may differ.
Go to the URL provided by your symplr Contract representative.
Enter your username (email address) and password.
Click Login.
How to Sign Out
Click the caret (small down arrow) next to your user initials.
Click Sign out.
Forgot Password or Signing In for the First Time
If you forget your password or are signing in for the first time, click Forgot Password?
Enter your username, then click Submit.
You’ll receive an email with a link to reset your password.
Overview of SSO (Single Sign-On)
SSO is an advanced authentication, authorization, and access control method for environments where users normally access multiple applications daily. Its most basic function is to enable users to sign in just once to gain entry into several applications. For example, after you sign in to your internal network, you'll automatically be granted access to your symplr Contract account, email, and any number of other systems commonly used within a healthcare facility.
Given the sensitive information contained within symplr Contract, the peace of mind gained from using SSO can be extremely valuable. If a user is no longer with your organization, your organization’s admin can mark the user as deactivated. Deactivated users do not have access to symplr Contract.
If your organization uses SSO, all users within your organization must use SSO.