Changes to Own’s Login Mechanism for Customers With Multiple Regions With The “Same User”

    Over the coming months*, we are improving our login mechanism for all accounts. 

    To ensure the most secure and seamless experience for you and your users, we are enhancing the login mechanism on our backend.  

    This article is aimed at Master Administrators outlining the changes and improvements you will experience.

    Please Note: These changes do not impact your SSO configurations.

    A “Same User” refers to a user with the same email address existing in more than one account in the Own application. (Multiple Regions).

    For Example:

    User Name: John.Doe@Company.com  Own login (region): https://ca1.owndata.com/users/log_in

    User Name: John.Doe@Company.com Own login (region): https://useast2.owndata.com/log_in 

    Same Users with multiple accounts in the Own application (for different regions) will have a single password and security settings, when logging in across all regions.

    • If you currently use the same password across all regions, there will be no change in login behavior. Note: After the update, once you change your password for one region, it will apply  across all your regions.
    • If you use different passwords for different regions, you can log in with a current password. Once two accounts in the Own application (with the Same User) have been migrated, you will need to use the password for the first region updated to log in to all your regions. 
    • Each user will receive an email advising them when they are impacted by the update.

    Security settings (timeout definition, password history/expiration, Multi Factor Authentication (MFA) and IP restrictions) will impact all regions.

    A user with multiple regions will have single login credentials and security settings in all regions. Additionally, all users in an account in the Own application must have the same security settings, therefore if you have a “same user” in multiple regions, security settings will be applied on all users in all regions.

    • You should set one Master Admin across all regions, because once the updates are complete, any changes you make to the security setting in one region will automatically be set across all regions.
    • You should align your Password expiration, and Password history policy for all regions.
    • To avoid locking any accounts, you must list the same IP restrictions across all regions, or remove any IP restrictions from all regions, to avoid locking any accounts. This is because once updated, IP lists will be merged. 
    • The option to use Multi-Factor Authentication (MFA) moves from user-level to account level, and Users creating or updating passwords will be required to confirm the creation or update of passwords via email.

    * The updates will begin on July 17 with EMEA2, and mid august with AU4. We will follow with EMEA4, USGOV2, CA1, CA4, HIPPA4 , UK1, AU1, Useast2, HIPAA1, EMEA1, and APP1 in the months after.

    Note: Once updated, users that were not yet verified will be removed from the displayed list of users. The details of these users will still be available in the exported users CSV.
    « Previous ArticleNext Article »


    Contact Us

    Sometimes you just want to talk to someone. Our customer support team is available by phone:
    Request a Technical Support Call Back