User Guide

This guide explains how to use all features of the Identity Service as an end user.

Getting Started

Accessing the Identity Portal

1. Open your web browser and navigate to your organization's Identity portal
2. You will see the login page with email and password fields
3. The interface supports multiple languages (English, Hungarian, German) - select your preferred language from the header

Language Selection

Click the flag icon in the header to change the interface language:

• 🇬🇧 English
• 🇭🇺 Magyar (Hungarian)
• 🇩🇪 Deutsch (German)

Theme Selection

Toggle between light and dark mode by clicking the sun/moon icon in the header. Your preference is saved automatically.

---

Logging In

Standard Login

1. Enter your email address in the email field
2. Enter your password in the password field
3. (Optional) Check "Remember me" to stay logged in for 30 days
4. Click Sign In

Login with Two-Factor Authentication (2FA)

If you have 2FA enabled:

1. Complete the standard login steps above
2. A verification screen will appear
3. Open your authenticator app (Google Authenticator, Authy, etc.)
4. Enter the 6-digit code shown in your app
5. Click Verify

tip

The 2FA code changes every 30 seconds. If your code is rejected, wait for a new code and try again.

Login with PIN

If PIN verification is required:

1. Complete the standard login steps
2. Enter your 6-digit PIN when prompted
3. Click Verify

Forgot Password

If you forgot your password:

1. Click Forgot Password? on the login page
2. Enter your email address
3. Click Send Reset Link
4. Check your email for the password reset link
5. Click the link and set a new password

caution

Password reset links expire after 60 minutes. Request a new link if yours has expired.

---

Dashboard

After logging in, you'll see your personal dashboard.

Security Score

The security score shows how well-protected your account is:

Score	Status	Recommendation
100%	Excellent	Your account is fully secured
70-99%	Good	Consider enabling additional features
50-69%	Fair	Enable 2FA for better security
Below 50%	Poor	Your account needs attention

How to improve your score:

• ✅ Enable Two-Factor Authentication (+30 points)
• ✅ Set up a Security PIN (+20 points)
• ✅ Change password regularly (+10 points)
• ✅ Verify email address (+10 points)

Quick Actions

The dashboard provides quick access to:

• Profile Settings - Update your personal information
• Security Settings - Manage 2FA, PIN, and password
• Active Devices - View and manage logged-in devices

Recent Activity

View your recent account activity including:

• Login events
• Profile changes
• Security changes
• Device changes

Each entry shows:

• Action type
• Date and time
• IP address
• Location (if available)

Active Devices

See all devices currently logged into your account:

• Device type (Desktop, Mobile, Tablet)
• Browser and operating system
• Last activity time
• Current session indicator

---

Profile Settings

Viewing Your Profile

1. Click on Profile in the navigation menu
2. View your current profile information

Updating Profile Information

1. Navigate to Profile
2. Click Edit Profile
3. Update the following fields:
   • First Name - Your given name
   • Last Name - Your family name
   • Display Name - How your name appears to others
   • Phone - Your contact phone number
   • Timezone - Your preferred timezone
   • Language - Your preferred language
4. Click Save Changes

Uploading Profile Picture

1. Navigate to Profile
2. Click on the avatar image or Change Photo
3. Select an image file (JPG, PNG, max 2MB)
4. Adjust the crop area if needed
5. Click Upload

---

Security Settings

Accessing Security Settings

1. Click on Security in the navigation menu
2. You'll see all available security options

Changing Your Password

Requirements for a strong password:

• Minimum 12 characters
• At least one uppercase letter (A-Z)
• At least one lowercase letter (a-z)
• At least one number (0-9)
• At least one special character (!@#$%^&*)
• Cannot be one of your last 5 passwords

To change your password:

1. Navigate to Security
2. Find the Change Password section
3. Enter your Current Password
4. Enter your New Password
5. Confirm your new password
6. Click Update Password

Password Tips

• Use a password manager to generate and store strong passwords
• Never reuse passwords across different services
• Consider using a passphrase (e.g., "Coffee-Mountain-42-Sunset!")

---

Two-Factor Authentication (2FA)

Two-Factor Authentication adds an extra layer of security by requiring a code from your phone in addition to your password.

Enabling 2FA

1. Navigate to Security
2. Find the Two-Factor Authentication section
3. Click Enable 2FA
4. A QR code will appear on screen
5. Open your authenticator app (Google Authenticator, Authy, Microsoft Authenticator)
6. Scan the QR code with your app
7. Enter the 6-digit code from your app
8. Click Verify & Enable

Important

Save your Recovery Codes in a safe place! You'll need them if you lose access to your authenticator app.

Using 2FA

After enabling, you'll need to enter a 2FA code when:

• Logging in from a new device
• Logging in after your session expires
• Performing sensitive operations

To enter a 2FA code:

1. Open your authenticator app
2. Find the entry for "Vecton Identity"
3. Enter the 6-digit code shown
4. The code refreshes every 30 seconds

Recovery Codes

Recovery codes are backup codes you can use if you lose your phone:

• Each recovery code can only be used once
• You receive 8 recovery codes when enabling 2FA
• Store them securely (password manager, printed in a safe location)

To view recovery codes:

1. Navigate to Security
2. Click View Recovery Codes
3. Enter your password to confirm

To regenerate recovery codes:

1. Navigate to Security
2. Click Regenerate Recovery Codes
3. Enter your password
4. Save the new codes (old codes will stop working)

Disabling 2FA

1. Navigate to Security
2. Find the Two-Factor Authentication section
3. Click Disable 2FA
4. Enter your password to confirm
5. Click Confirm Disable

caution

Disabling 2FA makes your account less secure. Only disable if necessary.

---

Security PIN

The Security PIN provides quick verification for sensitive operations.

Setting Up Your PIN

1. Navigate to Security
2. Find the Security PIN section
3. Click Set PIN
4. Enter a 6-digit PIN
5. Confirm your PIN
6. Click Save

PIN Rules:

• Must be exactly 6 digits
• Cannot be sequential (e.g., 123456, 654321)
• Cannot be all the same digit (e.g., 000000, 111111)

When You'll Need Your PIN

• Confirming sensitive account changes
• Authorizing high-value transactions
• Accessing protected areas

Changing Your PIN

1. Navigate to Security
2. Click Change PIN
3. Enter your current PIN
4. Enter your new PIN
5. Confirm the new PIN
6. Click Save

Disabling Your PIN

1. Navigate to Security
2. Click Disable PIN
3. Enter your password
4. Click Confirm

PIN Lockout

If you enter the wrong PIN too many times:

• Your PIN will be temporarily locked (15 minutes)
• You'll receive an email notification
• After lockout expires, you can try again

---

Device Management

Viewing Your Devices

1. Navigate to Security or Profile
2. Find the Active Devices section
3. View all devices logged into your account

Each device shows:

• Device Name - e.g., "Chrome on Windows"
• Device Type - Desktop, Mobile, or Tablet
• Browser - Chrome, Firefox, Safari, etc.
• Operating System - Windows, macOS, iOS, Android
• IP Address - Network address (partially masked)
• Last Activity - When the device was last used
• Current badge - Indicates your current device

Revoking Device Access

If you see an unfamiliar device or want to log out from another device:

1. Find the device in the list
2. Click the Revoke button (or trash icon)
3. Confirm the action

warning

Revoking a device will immediately log out that session. The user will need to log in again.

Trusting a Device

When logging in from a new device, you may be asked to trust it:

• Trust this device - Skip 2FA verification for 30 days
• Don't trust - Always require 2FA on this device

---

Activity Log

Viewing Your Activity

1. Navigate to Profile
2. Click View Activity Log
3. Browse your account activity history

Activity Types

Activity	Description
user.login	Successful login
user.login_failed	Failed login attempt
user.logout	Logout
user.password_changed	Password was changed
user.profile_updated	Profile information updated
2fa.enabled	2FA was enabled
2fa.disabled	2FA was disabled
pin.set	PIN was set
pin.changed	PIN was changed
device.revoked	Device access was revoked

Suspicious Activity

If you see unfamiliar activity:

1. Immediately change your password
2. Enable 2FA if not already enabled
3. Revoke all devices you don't recognize
4. Contact support if the issue persists

---

Logging Out

Standard Logout

1. Click on your profile avatar in the header
2. Select Logout from the dropdown
3. You'll be redirected to the login page

Logout from All Devices

To log out from all devices at once:

1. Navigate to Security
2. Click Logout from All Devices
3. Confirm the action
4. All sessions will be terminated

---

Troubleshooting

I Can't Log In

Check the following:

1. Verify your email address is correct
2. Check Caps Lock is not enabled
3. Ensure you're using the correct password
4. If 2FA is enabled, make sure your authenticator time is synced

Still having issues?

• Use the "Forgot Password" feature
• Contact your administrator

My 2FA Code Isn't Working

1. Check your phone's time - Your phone's clock must be accurate
2. Wait for a new code - Codes refresh every 30 seconds
3. Use a recovery code - If you have one saved
4. Contact support - They can disable 2FA for you

I Lost My Phone (with 2FA)

1. Use one of your Recovery Codes to log in
2. Go to Security and disable 2FA
3. Set up 2FA again on your new phone

My Account is Locked

Accounts can be locked after multiple failed login attempts:

• Wait 15-30 minutes and try again
• Contact your administrator to unlock immediately

I See Suspicious Activity

1. Change your password immediately
2. Enable 2FA if not enabled
3. Revoke all unknown devices
4. Contact support to report the incident

---

Getting Help

Contact Support

If you need assistance:

• Email: support@vecton.hu
• In-app: Click the Help icon in the header

Reporting Security Issues

For security concerns:

• Email: security@vecton.hu
• Do not share security issues publicly