InnoVint is committed to ensuring that your data remains safe and secure. This article describes the login process and how to add new new users, and details how users are authenticated to access InnoVint.
What is “Authentication”? This means checking that you are who you say you are! It is a method to prove identity and is essential to data security. This is different to "authorization", which is the realm of user access & permissions.
Methods of authentication can include things like passwords, PINS, or single use tokens. We already support passwords of course, and also provide an option to activate Multi-factor Authentication (requiring a single use, time limited code as a second authentication factor).
This article covers the following:
Logging in
Login emails
InnoVint's login process is "Identity first". This means that you only enter your email for the first login screen. Based on your login email, InnoVint will trigger any additional authentication steps, i.e. a password field, and/or require a code from an authenticator app (providing multi-factor authentication).
Passwords
InnoVint has instituted a Zero Trust rule. No one will ever know your InnoVint password except you.
For new users
When adding new users to their winery account, admins will enter an email, first name and last name. New users then receive a verification email requesting them to finish setting up their account, where they will have a chance to set their password.
Neither the account admin nor InnoVint Support will be able to set or reset this password.
New users must have access to a valid login email in order to receive the activation email, set their password, and access InnoVint.
For existing users
If you forget your password, you must recover it via the "Forgot password?" link on the login screen. This triggers an email to your user's login email, which must be used to reset the password. Find out about our password guidelines here. 
🚨 If you cannot access your login email (i.e. you are using someone else's or a placeholder/fake email address), then you may not be able to recover your InnoVint account if you forget your password.
Session Timeouts
InnoVint has a device specific 30 day rolling session timeout rule. Session timeouts are a security feature that automatically end a user's session (i.e. log you out) on a device (i.e. or phone, or your computer) after a specific period of time. These session timeouts will apply to the desktop app, InnoApp and Tank Maps.
The purpose of session timeouts is to mitigate the risk of unauthorized access to a user's account when they are not actively using the system. By automatically logging out users on a regular basis, session timeouts help protect sensitive information and prevent unauthorized individuals from taking advantage of an open session. Find out more here.
Multi-factor Authentication (MFA)
MFA is an individual winery choice to enforce for their own users.
Admins will be able to fundamentally implement MFA as a requirement for a winery account by being able to confirm that all users turn it on for their account, and rejecting access to anyone who does not comply. However, InnoVint will not be able to independently require or enforce this for all your users at login.
Our MFA option relies on an authentication app. This authentication app is controlled by the user under Privacy/Security in their User profile page.
User profile page
The "person" icon provides individual users access to their own account settings page.
You can update your password, view open sessions on different devices, and control multi-factor authentication activation and authenticator apps.
If you have any questions, please contact InnoVint Support at support@innovint.us or by submitting a ticket using the "Submit help ticket" button at the top right corner of this page.