The Users area is where you can manage all of your users and groups in your console. Click below to learn about the various administrative controls you have beneath the Users tab.
Read this tutorial, or watch our user and group management-related videos on our Tutorial Videos page, to learn about the various ways to manage users and groups in your KnowBe4 console.
- Multi-Domain Environments
- Quick Import
- CSV Import
- Downloading a Sample CSV
- Active Directory Integration (opens in a new window)
- Creating Groups
- Cloning Groups
- Archiving Groups
- Deleting Groups
- Smart Groups
- Using Groups in Phishing
- Using Groups in Training
Click on Users and then Import Users to be taken to the area where you can import users.
We have three methods for importing users:
We are also compatible with Single Sign-on (SSO).
If you have the "Allow Users to Signup" feature enabled in your Account Settings and users sign-up for their own accounts, those users will be automatically added to your user list. This setting is "off" by default.
Users who are added to the console will also be enrolled in any phishing or training campaign that has the "Enable automatic enrollment for new users" option selected. Before adding users, we recommend checking the settings for each of your campaigns and disabling this option as needed.
In most cases, the only domain that will be active on your account is the initial domain your organization signed up with. However, we do support multi-domain environments.
If your organization uses multiple domains in your email system (for example, firstname.lastname@example.org, email@example.com or firstname.lastname@example.org), you can add these additional domains to your account as needed.
Please follow the instructions on this article to add more domains to your KnowBe4 account: How to Add and Verify Domains
Adding Users – Quick Import
The first method to add users is Quick Import. This will allow you to import your users' email addresses only. If you'd like to import additional information about your users, we recommend using CSV Import or Active Directory Integration (ADI).
Quick Import Screen
1) Click Quick Import beneath Users > Import Users to view the Quick Import screen.
2) Email Address Format: Your input must be one email address per line with no commas or spaces. The email addresses must contain your organization's domain(s).
3) Text Box: You can type or paste a list of user email addresses here, matching the required email address format (2).
4) Password: You can set a password for your users, though this is not recommended except in special cases. If you don’t set a password for your users, they will be able to create their own password when they first log in for training.
5) Groups: If you’ve already set up groups, you can choose to add the users to a group.
6) Import Users: Click this button to import the user email addresses you've placed in the text box.
When using the quick import option, ensure that you only import valid single-user email addresses. Do not import distribution lists or generic "catch-all" email addresses.
Adding Users – CSV Import
You can use our CSV import feature to bulk import users and add optional additional information about your users. This feature is located in the Users section under the Import Users tab.
To learn more about how to import users using a CSV file, as well as what user information fields you can include, read our article: CSV Import: How do I import users with a CSV file?
Download Sample CSVs
Beneath Users > Import Users > CSV Import, you can download one of three example CSVs to use as a starting point to gather your user list and information.
Example 1 CSV
When using the CSV import option, ensure that you only import valid single-user email addresses. Do not import distribution lists or generic "catch-all" email addresses.
Managing and Editing Users
The All Users list under the Users tab allows you to manage your users. You can add them to or remove them from groups, promote or revoke admin rights, edit basic profile information, and download a list of your users to a .csv file.
You can click on any user’s email address to see detailed information about that user’s training history and phishing results. You will also see a timeline showing that user's interaction with tests and training in the console, recording everything from the date and time they were added to the console, to when they last logged in.
You can also manually edit any information you have imported into the system about that user here. Keep in mind, if you're syncing user information with Active Directory using ADI, ADI will overwrite the information on the next sync if it is different.
If a user’s email address changes, change it in their profile in order to maintain that user’s training and phishing history. If you instead import the new email address to the system, it will create a new account for that user and it won’t carry over their previous history. If you accidentally import the newer email into the system, you can use our merge users feature to merge the accounts.
Archiving and Deleting Users
To help manage your user list, you can archive or delete users. For bulk archiving or deleting, a CSV file can be uploaded into the console. You can restore archived users. Users who have been deleted cannot be restored.
See our How do I archive or delete a user? article for more information.
Adding Users to Groups
To add one or more users to a group, you can check the box next to each user you wish to add, then select the group in the upper right-hand drop-down box and click the Add selected to group button.
If you are importing users into your account using a CSV file, the easiest way to add users to groups is to have this information included in the CSV file upon import. See more on our CSV Import article.
Users cannot be manually added to Smart Groups. Members are automatically added and removed from these groups as appropriate. Learn more about Smart Groups (Platinum/Diamond only) here.
Assigning/Revoking Admin Privileges
To assign a user administrator privileges, click the drop-down arrow (1) to the right side of that user and select Make Admin (2). The same action can be used to revoke admin privileges. Administrators will show up with a blue background in the user list.
All administrators will have access to all available features in the console. If you want to define specific admin rights over only certain areas of the console, you can create Security Roles (Platinum/Diamond only) (3) to accomplish this. See our Security Roles Product Manual and tutorial video for more information.
Assigning Administrative Controls
If you assign admin privileges to a user, you should set their time zone to the proper time zone for your organization. This will ensure that reporting features in the console (such as the time a user clicks on a phishing link) will be shown in the correct time zone. See more about time zones and how to edit them here.
Security Roles (Platinum/Diamond Only)
Platinum and Diamond customers can use our Security Roles feature to provide additional access to areas in the console to specific groups of users. Learn more about Security Roles on the resources below.
The best way to get the most out of your management console is to use groups effectively. Groups can be used to target users with specific phishing or training campaigns. After importing users, you can divide them into groups by department, location (if you have multiple office locations), or even domains (if there are multiple domains on your account). Users can be in as many groups as they need to be in, and you can have an unlimited number of groups set up.
See our CSV Import article for instructions on adding users to groups upon import. See our Active Directory Integration (ADI) article (opens in a new window) for information on syncing security or distribution groups from your Active Directory into our console.
Our Smart Groups (Platinum/Diamond only) feature streamlines the process of creating and maintaining groups by automatically-populating users based on specific criteria. Learn more about Smart Groups here.
You can apply a Security Role (Platinum/Diamond only) to a group to give additional access to certain areas of the console if needed. Learn more about Security Roles here.
Click on Users, then Groups, and you will see a list of any groups you have created in your console. There are no groups by default.
Click the +New Group button and you can create groups with names from 2-64 characters, including spaces.
What is a "Smart Group"?
Platinum/Diamond accounts will have the option to create a Smart Group when setting up a new group. Smart Groups are automatically-populated user groups based on specific criteria. Users cannot be manually added to or removed from Smart Groups. Learn more about Smart Groups here.
In addition to manually creating groups, you can create groups automatically using a CSV import. Add a "Group" header to the CSV before importing your user list via CSV. See our CSV Import article for more details.
Once a group is created under the Groups tab, click on the name of the group to see more details. On the individual Groups view, you can:
- See who is a member of the group
- Remove selected or all users from the group by clicking the Archive button
- Archive selected or all members of the group from the console (i.e. remove them from your main Users list)
- Download a CSV of all users in the group
- Add users to a different group
Example of removing or deleting users from a group
You can make a copy of an existing group by cloning it. See our How to Clone a Group article for more information.
You can archive groups that you no longer need. Archiving groups will not delete any users in the groups.
Archived groups can be restored by clicking the Archived Groups Only checkbox while on the Users > Groups tab, and then clicking Restore. Alternatively, you can permanently delete archived by groups by clicking the Delete button instead of Restore. For more information on deleting groups, please see the section below.
You can delete groups that you no longer need. To delete groups, you first need to archive the group. Once archived, select the Archived Groups Only checkbox from the Users > Groups tab to see the groups that have been archived.
There are two options for deleting groups: Delete Selected and Bulk Delete from CSV.
Note: Both of these options will permanently delete these groups from your console. However, users within the group will not be deleted.
Deleting Selected Groups
While looking at the groups that have been archived, select the group or groups you want to delete and then click Delete > Delete Selected.
Bulk Deleting Groups through CSV:
While looking at the groups that have been archived, select the group or groups you want to delete and then click Delete > Bulk Delete from CSV. Selecting this option will bring up the Bulk Delete from CSV window (shown below).
- Click the Browse... button to select the CSV file to upload. Make sure all the groups in the CSV have been archived. Groups that have not been archived will not be deleted.
- From the Notify upon bulk delete completion drop-down menu, to select which users you want to notify about the deletion.
- Select the checkbox to send a notification to your email about the deletion.
- Click Delete Groups to permanently delete the groups in the CSV.
Smart Groups (Platinum/Diamond Only)
Using Smart Groups, you can dynamically and automatically group users based on specific criteria. You can use these groups with phishing campaigns, training campaigns, or to generate a variety of ad hoc analysis reports.
Smart Groups can be used in conjunction with your existing standard user groups. The difference between Smart Groups and standard groups is that with Smart Groups, you are able to define distinct criteria from many options to dynamically include or exclude users. Learn more about Smart Groups using the resources below.
- How to Use Smart Groups (Article)
- Use Cases for Smart Groups (Article)
- Remedial Training/Tiered Phishing with Smart Groups (Article)
- Introduction to Smart Groups (Video)
- Advanced Phishing with Smart Groups (Recorded Webinar)
Using Groups in Phishing Tests
Using groups in your phishing tests allows you to target a subset of users with specific phishing templates. This can be helpful if you want to target your phishing attempts to certain departments or create spear-phishing attempts on certain key staff. You can target multiple groups in a single phishing campaign. You can also use groups to conduct phishing tests by region or location if you want to get more specific metrics from the tests.
We recommend that you create groups for different locations, repeat clickers, management, or other high-risk sets of users. Under the Phishing > Reports tab and on our Advanced Reporting feature, you will be able to see how Groups are doing in terms of their phish-prone percentage and number of phishing “failures” (i.e. clicks).
Our Smart Groups feature streamlines the creation of groups such as these. You can learn more about Smart Groups (Platinum/Diamond only) here.
Phishing best practices: Prior to sending out any phishing tests to your users, creating a test group for yourself and any other admins you have on your account. You can use this test group after following our whitelisting recommendations to ensure that our emails will successfully reach your users.
Using Groups in Training
Using groups allows you to assign specific training to a limited subset of users. When you set up a training campaign, you can elect to enroll all users, or only enroll specific groups. You can set up an automated remedial training for a “clickers” group, to provide additional training to your most vulnerable or phish-prone users. Click here to learn how to set up remedial training.
You can use groups to track training progress and run reports on various subsets of users. For example, you could find out how many members of the Accounting group had started, but not completed a specific course. Any training-related report can also be filtered by group. Group reports can be found on the Training > Reports tab as well as our Advanced Reporting feature.