1 Overview
A user of Veloopti can have access to multiple organisations through their user account. After logging in to Veloopti you can change to any organisation that you have access to.
2 Organisation
As a user you login to Veloopti and then select the organisation that you would like to access. If you are a member of only one organisation then you will be taken directly to it.
3 Logging in
To login to Veloopti:
- Enter a Veloopti URL that has a login screen
- veloopti.com or veloopti.com.au and click on the login button
- <region>.veloopti.com.au
- <region>.veloopti.com
- Enter your username and password
- [Optional] Select the Remember Me check box
- When you select this box you will remain logged in to Veloopti until you log out. Shutting down the web browser, closing the Veloopti browser tabs or hibernating the Operating System will not activate the logout process.
- When not selecting this box you will be logged out automatically after closing all Veloopti tabs and five minutes of time passes.
4 Password requirements
We care that you have a password that is resistant to being compromised. Therefore we have put into place the following rules for the creating and storing of your password.
- It should be at least 8 characters and no more than 64 characters in length.
- We allow all printing ASCII characters as well as the space character.
- We replace multiple consecutive space characters with a single space character prior to verification, provided that the result is at least 8 characters in length.
- We do not truncation your password.
- We will confirm that your password is not known to be commonly-used, expected, or one that has been compromised elsewhere. We do not allow the following:
- Passwords that have been compromised is a previous password breach.
- Dictionary words.
- Passwords consisting of repetitive or sequential characters. (e.g. ‘aaaaaa’, ‘1234abcd’)
- Passwords that contain the word veloopti.
- Your username or derivatives.
After 3 failed attempts you will be locked out for 5 minutes. After locking yourself out for 10 times your account will be permanently locked and only able to be unlocked using the "I forgot my password" link on the login screen.
Your password is stored in a format that is resistant to offline attacks. We take your password, add a salt, and a cost factor and then generate your password as a hash. This hash is then stored and your plain text password is discarded. At no point in time do we store the text of your password.