PeopleForce

Ensure secure access to PeopleForce while minimizing friction for users and following best security practices.

Enable automatic sign-out after inactivity

Why: Reduces risk if someone forgets to log out on a shared or public device.

How: Go to Settings → Security, and set the system to automatically sign out users after 120 minutes of inactivity.

✅ Best practice: Set to 120 minutes to balance security and convenience.

___________________________________________________________

Enforce two-factor authentication (2FA)

Why: Adds an extra layer of protection for employee accounts beyond passwords.

Enable Enforce Two-Factor Authentication (2FA).

Once enabled, employees will see a prompt when logging in: ​“Wait, before continuing you need to enable Two-Factor Authentication. Your company has enabled forced 2FA on your account. In order to continue, you must enable 2FA.”

Users will not be able to access PeopleForce until they set up 2FA.

- Go to Settings → Security.
- Enable Enforce Two-Factor Authentication (2FA).
- Once enabled, employees will see a prompt when logging in: ​“Wait, before continuing you need to enable Two-Factor Authentication. Your company has enabled forced 2FA on your account. In order to continue, you must enable 2FA.”
- Users will not be able to access PeopleForce until they set up 2FA.

✅ Best practice: Make 2FA mandatory for all users. Combine with strong password rules (e.g., minimum length, numbers, and special characters).

Why: Helps detect unusual activity like unauthorized logins.

How: Enable IP Tracking to notify employees when their account is accessed from a new IP address.

✅ Best practice: Enable this for all accounts. It’s a passive but effective way to increase security awareness.

Why: Centralizes access management and improves login security across company tools.

How: In the SSO provider section, choose your company’s provider — <a href="https://help.peopleforce.io/en/articles/6959832-google-authentication">Google</a>, <a href="https://help.peopleforce.io/en/articles/6959834-microsoft-authentication">Microsoft</a>, <a href="https://help.peopleforce.io/en/articles/6959836-saml-authentication">SAML</a>, or <a href="https://help.peopleforce.io/en/articles/6959838-ldap-authentication">LDAP</a> .

✅ Best practice: SSO ensures that user access is managed through one central system, making onboarding, offboarding, and access control more secure and efficient.

Enforce Single Sign-On (SSO) Login

Why: Centralizes access control and enhances security by requiring users to log in only through your company’s identity provider (Google, Microsoft, SAML, or LDAP).

Under Single Sign-On (SSO) provider, choose your provider (e.g., Google Authentication, Microsoft Authentication, etc.)

1. Go to Settings → Security
2. Under Single Sign-On (SSO) provider, choose your provider (e.g., Google Authentication, Microsoft Authentication, etc.)
3. Enable Enforce SSO login

🔒 Once enabled, users will no longer be able to log in with their PeopleForce passwords — they must authenticate through SSO.

✅ Best practice: SSO ensures that user access is managed through one central system, making onboarding, offboarding, and access control more secure and efficient. ​

Why: Protects accounts that still use email + password login.

How: Set the following password rules:

Encourage special characters (optional)

- Minimum length: 12 characters
- At least 1 number
- At least 1 uppercase letter
- Encourage special characters (optional)

✅ Best practice: Combine strong password rules with 2FA for accounts that don’t use SSO.

Why: Reduces the risk of long-term password exposure. This applies only to companies using login and password authentication (not SSO).

How: In Security settings, set passwords to expire every 2–3 months. Users will be prompted to create a new password after expiry.

✅ Best practice: Set password expiry to 60–90 days to ensure regular updates. Notify users in advance to avoid disruptions, and encourage the use of strong, unique passwords with each reset.

Setting up authentication in PeopleForce the right way

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Setting up authentication in PeopleForce the right way

Enable automatic sign-out after inactivity

Enforce two-factor authentication (2FA)

Turn on IP Tracking

Use SSO (Single Sign-On)

Enforce Single Sign-On (SSO) Login

Set strong password requirements

Enable password expiry