Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska Kiswahili ไทย Türkçe Українська Tiếng Việt 简体中文 中文 (香港) 繁體中文

How to Enable and Use Password-less Logins

Avatar
Katie Brennan
Updated
Follow

Password-less Logins

KnowBe4’s password-less logins feature allows your users to log in to their assigned training directly without requiring them to use a password. You can enable this feature in your Account Settings and use our specially-designed training notifications to let your users access training through this password-less method.

Note: Password-less logins are convenient and easy to use, but this feature is not the most secure. Each login link expires within 24 hours, but if the link URL is shared on the internet it could be indexed by Google or other search engines. This means that attackers could view the URL and related information (such as a user’s email address) well after the link has expired.
For the safest login experience, we recommend using SAML Single Sign-on or Multi-Factor authentication.

Jump to:
What are Password-Less Logins?
How to Set Up Password-Less Logins
Best Practices for Password-Less Logins
Frequently Asked Questions (FAQs)

 

What are password-less logins and how do they differ from the standard login method?

By default, KnowBe4’s training platform will enable your users to set a password for their training account once they confirm their account and log in for the first time (or, alternatively, admins may set a password for their users once they are imported into the console).

Enabling password-less logins will instead email a customized link to users as part of their invitation to take training, or if they attempt to log in to their KnowBe4 account. They can use this special password-less link they receive to log in to training directly without needing to create or enter a password at any time.

This provides users the convenience of not having to remember a password for their training account.

Back to top

 

How do I set up password-less logins on my account?

    1. Log in to your admin account and click your email address on the top-right. Click Account Settings.
    2. Navigate to the Users Settings section.
    3. Click the checkbox next to Use Password-less Login.
      • If you would like to disable the Password-less Login option for admins, click the checkbox next to Disable Password-less Login for Admins.
    4. Select how long you’d like password-less links to remain active. The default is 3 days, and the maximum entry is 999.
    5. Scroll down and click Save Changes at the bottom of the page.

Back to top

 

Best Practices for Password-Less Logins

Enable two-factor authentication for admins for an additional layer of security.

We strongly recommend that account administrators enable two-factor authentication on their accounts for more protection. This is optional for your users as well. Click here for more information about enabling two-factor authentication.

Use password-less training notifications.

After enabling password-less logins on your account, you should be especially aware of what training notifications you are selecting on your training campaign. There are built-in templates tagged with “password-less” which will contain the password-less login placeholder to automatically populate your training notification. Alternatively, you can create your own templates from scratch which include our password-less placeholders. For more information about placeholders and how to use them, click here.

Back to top

 

Frequently Asked Questions (FAQs)

Below are common questions about password-less logins. If you do not see your question answered and require assistance, a member of our support team can help. Submit a support ticket here

a) What will my users see when they click the password-less login link for the first time?

If they’ve never accessed their KnowBe4 account before, they will be prompted to enter their first and last name. After clicking Save & Continue, they will see their training page.

If they’ve previously logged in, clicking the link will take them directly to their My Training page, even if they’ve used a password for their KnowBe4 account in the past.

b) Do you have built-in notifications I can use with password-less logins?

Yes, look for the (Password-less) tag on training notifications. Be sure to select the correct notification template for the type of training notification you are sending out.  

c) Can I set password-less logins for only specific users and groups?

No, you cannot set password-less logins for specific users or groups with the exception of admin users. When password-less login is enabled, all users will be required to login with a password-less login link. However, you do have the option to disable password-less logins for admins to require admins to login with a password. You can do this from your account settings page. We also recommend setting up two-factor authentication for admins on your account for an additional layer of protection.

d) How long do password-less login links stay active?

The expiration time of password-less login links can be set at the administration level in your Account Settings. The default setting is three days. Only the latest password-less login link generated for that user account will be active.

e) Once the link is expired, how will my users be able to log in?

They can request a new link whenever they need it on https://training.knowbe4.com (or https://eu.knowbe4.com, depending on where your KnowBe4 account is located). 

Account admins can also generate a new link for any users on their individual User page by following the below steps:

  1. Log in to your KnowBe4 admin account and click the “Users” tab.
  2. Locate the user you need to generate a new link for and click their email address.
  3. Look at the “Registration” box to the bottom-right of the screen. You will see a “Password-less Link” entry which will allow you to see the status or expiration time of the user’s current password-less link.
  4. To generate a new link for the user, click the blue icon to the right of the expiration date.
  5. Generating a new link will automatically invalidate the previous link provided to the user. Click OK to proceed.
  6. Copy the link from the text box that appears and provide it to the user to log in for training. Remember, the link will not be emailed to the user when you generate it for them. You will need to provide it to them manually. 


f) I have board members or users that need to take their assigned training using the standard email and password login method. How do they log in now that I’ve enabled password-less logins?

For board members who need to take training but cannot receive the password-less login links, you can send them to https://training.knowbe4.com/users/login/ to log in with their assigned email and password that you set for them. They will be able to access training through this method.

More information about assigning board members training can be found here: How do I assign board members training? 

As an alternative, you can also generate a link for them manually on their individual User page. See above for instructions on how to do this.

For users who had previously set a password, they can log in in any one of three ways:

  1. With the above link, (https://training.knowbe4.com/users/login/ or https://eu.knowbe4.com/users/login/).
  2. By clicking the new password-less login link they receive in their training notifications.
  3. By navigating to https://training.knowbe4.com (or https://eu.knowbe4.com, depending on where your KnowBe4 account is located) and generating a password-less link for themselves upon attempting to log in.

 

g) Can I use password-less logins and single sign-on (SSO)?

Yes, you can use both of these features at the same time in certain scenarios. If both SSO and password-less logins are enabled, users who have SSO KnowBe4 accounts created will log in through their SSO portal and authenticate with their identity provider per usual. Users who do not have SSO accounts will have to wait for a training notification link to be able to log in, specifically the password-less notification.

Users who do not have SSO KnowBe4 accounts must have a valid password-less link to be able to log in for training.

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles