Module 3: Addressing Security
In this module:
- Accounting for security.
- Signing in.
- Single-Sign On (or SSO).
- Changing passwords.
- 2-step security (or 2-factor authentication).
- Signing out.
And a bit of help:
Module 3 video
Prefer to read along?
Click CC to enable captions in YouTube or read the full transcript below.
Module 3 practice quiz
FYI: All of the questions on the final exam are taken from the practice quizzes!
- Click here to take the practice quiz for Module 3
- Click here to review the quiz answers
Show Notes № 3
- Delighted Security Briefing — User Security Training
- Security and Privacy on the Help Center
Quiz answers
Read the transcript
If you wish to follow along with the script, or just prefer reading, a complete transcript of the video can be seen below.
Welcome back to Delighted’s Admin Certification. This is Module 3: Addressing Security.
Delighted’s security features help ensure the integrity of your research program. While some features are required, like passwords to log into your account, some are optional, like 2-step authentication. While we strongly recommend setting up these additional measures, you and your team can decide what is best for your organization.
It’s important to note that security changes only impact an individual user and do not change the security settings of other Delighted users, even if you have invited them to your project.
If you’re interested in learning more about how Delighted protects your data through our back-end security, head to the Security & Privacy section of our Help Center.
We’ve also created a handy security guide to share with your users, which includes all they need to know about security. You can find it in our show notes, under the two-part title, “Delighted Security Briefing—User Security Training.”
Delighted’s self-help security options are found in the Account menu. Let’s take a quick glance before jumping into specifics.
From the Account menu, users can: look up their email address and set up or disable Single Sign On, change passwords, set up 2-step authentication, and sign out.
We’ll focus on each in turn!
It doesn’t get more basic than logging in. That said, there are enhanced security login options to consider—like using SSO and locking a user out after multiple login attempts. (So let’s get back to basics for a second.)
To sign in, go to Delighted.com and click Sign in.
Here, you have two options. If you have set up SSO, they can select your SSO login (either Google or Apple). If you have not set up SSO, you’ll simply enter their email address and password.
Users will get three password attempts before the system locks them out for an hour, which is never good. What’s more, it will trigger a worrisome “suspicious activity” warning to the account owner's inbox.
If a user forgets their password (which does happen), have them click “Forgot your password?” from the Sign in screen. A password reset email will be sent to their account’s email address. They can then follow the instructions and click the Reset link.
SSO is short for Single Sign On. SSO allows a single ID and password to authenticate multiple apps and websites with one set of credentials, such as a Google or Apple login.
Why bother with SSO? Two reasons: SSO can make signing in a bit more convenient, and combining multiple credentials provides a double layer of security by layering in a trusted security protocol (like Google or Apple) on top of Delighted’s security.
Delighted does not currently support other SSO providers.
To set up SSO, click the Account menu, select “Connect with Google” or “Connect with Apple,” and then log into your Google or Apple account. Once authenticated, you’ll be redirected to your Delighted account.
The linked email address will appear above a new Disconnect from Google/Apple button. Additionally, you’ll see a banner letting you know that your Delighted login has been associated with your Google (or Apple) login.
To disconnect from SSO, click Disconnect from Google or Disconnect from Apple on this screen, and that will be the end of it!
Delighted makes updating passwords a snap. The main caveat is that the password must be 10 characters or longer. It's up to the user to decide on the use of special characters, capitalization, and numbers in their password.
To change a password: open the Account menu, click inside the first box and enter your current password, enter the new password in the second box. (Watch the blue eye light up! Click the blue eye to reveal the password and avoid typing mistakes.) Click Save changes. If you make a mistake, you’ll see an error message (either “Oops, your current password is incorrect” or “Password is too short”). Remember, the minimum password length is 10 characters.
When everything checks out, a “Thanks” banner appears and your new password will be live!
You can also change your password from a logged out state with the Forgot password button on the login page.
2-step security adds another level of security on your team’s survey projects, requiring both a password and a mobile phone to sign in. Also called 2-factor authentication or 2FA, this level of safety may be required by your organization’s security policies. 2-factor authentication makes certain that the person trying to access the account is actually who they say they are (by tying their login to their personal phone number).
Delighted’s 2-step security requires entering a 4-digit code that is sent to a user in a text message.
When a new user accepts an invitation to participate in their projects, they’ll see a suggestion from Delighted to set up 2-step authentication. This is your cue to have them set up 2-step.
To set up 2-step: click Account, choose 2-step security, then “Turn on 2-step security.”
Select your Country Code and enter your mobile phone number
Select three security questions and enter answers to each (these will come in handy if you ever lose your phone or have trouble receiving text messages).
Click “Send verification code”
Check your phone and grab that code, then enter it into the boxes
If you make a mistake, the boxes will shake. Retype your code or click “Didn’t receive a code?” to send a new one
When finished, users will be told how “Great” they are (which is true of all Delighted users)
To turn off 2-step security, click Account, choose 2-step security again, then click “Turn off.” (Easy as that!)
If you want to keep 2-step security on but need to update your phone number or security questions, head back to the 2-step security page, then click “Change” next to the current phone number. You’ll walk through the set-up process again with a chance to make edits.
Misplace your phone? Forget your security questions? (Ouch.)
What happens if a user secures themselves right out of their own account!?
There is a simple remedy: Click “Having trouble?” and then "I lost my phone" on the login screen and a new code will be emailed to you. Users will then be allowed to temporarily log into their accounts. They should immediately turn off 2-step authentication while they await their new phone.
If things turn desperate, send Customer Concierge a note and we’ll send out our locksmiths.
We hate to see you go!
But when it’s time to log out of your Delighted account, simply head to the Account menu and choose “Sign out.” Come back soon!
Thanks for joining us for another Admin Certification module.
We’ll catch you in the next one!