All users added to your KnowBe4 console have a personal profile which summarizes their performance on phishing security tests and training campaigns and provides their risk score and Phish-prone percentage. User information is also contained here and can be manually modified as needed.
After you add your users to your console, you will see them on your user list beneath the Users > Users tab. Click any user's name or email to access their personal profile.
Accessing a user's personal profile allows you to modify their details and view their phishing, training, and risk history at a glance.
General User Details
Your general user details will list all information about that user and list the groups that the user is a member of.
Modifying User Details
There are several ways to modify a user's information. We've placed them in order of what we most recommend, to make managing your user's information as easy as possible.
- Through automatically syncing your user list with Active Directory.
- As a best practice, we recommend modifying your user details in Active Directory when using ADI and allowing the next ADI sync to update your user's information.
- If you're using Active Directory Integration (ADI) to sync user information, most settings will be uneditable through the other methods, unless you configure that user as not managed by ADI.
- By importing a prepared CSV.
- From the Users > Import Users > CSV Import tab, you can import a CSV containing your users' email addresses, along with any additional information you'd like to include about your users.
- Be sure to follow the formatting steps in this article when adding user fields and details to your CSV: How do I import users with a CSV file?
- Manually, by editing their user profile. The two methods below will take you to the User Profile settings page, where you can modify the user's details:
- While on the Users > Users tab:
- Click the arrow to the right of the user you'd like to modify details for.
- Click Edit.
- From the User's profile:
- While on the Users > Users tab, click any user's email address or name to view their personal profile.
- Click Edit in the General area on the top right of their personal profile.
- While on the Users > Users tab:
You can enable multi-factor authentication for your users as an added layer of security. We strongly recommend that you enable MFA for any users with elevated security roles or admin access.
To learn how to enable MFA for your users, review our Multi-Factor Authentication guide.
You can enable or disable access to PhishER for admins and users by checking the PhishER Enabled box. By default, PhishER will be enabled for account admins and disabled for non-admins or users. As an admin, you have the option to disable and then restore your own PhishER access.
If PhishER is enabled on an admin or user account, a Go to PhishER drop-down menu option will be available by clicking on your email address in the top-right of the KnowBe4 console.
The Registration Details section displays basic account setup and login data, including:
- Sign in count: How many times the user has logged in to their KnowBe4 account.
- Created at: When the user was added to your KnowBe4 account.
- Confirmed at: When the user confirmed their account.
- Confirmation sent at: When the confirmation email was sent to the user.
- Last sign in at: The user's last recorded login.
- Last sign in IP: The IP address collected when the user last logged in.
Personal Risk Score
The Personal Risk Score area of the user profile displays charts illustrating that user's current risk score, risk score history, and risk score factors.
For more details about Personal Risk Score and what each graph represents, see Personal Risk Score Charts and Graphs in our VRO Guide.
Personal Phish-Prone Percentage and Phishing Details
The personal Phish-prone Percentage of your user is displayed, based on the number of phishing test failures divided by the number of phishing emails delivered.
The Phishing area displays all phishing emails delivered to a user that the user has somehow interacted with, whether by clicking, opening an attachment, or reporting the email as a phishing email through the Phish Alert Button (PAB). You can click or hover over each icon for additional information.
The user's training details area displays all campaigns that the user has been enrolled in, as well as the following details:
- The user's status on each campaign
- Whether the user has started, completed, or has yet to begin their training
- Whether or not the user has acknowledged the URL policy associated with the training assignment
- How much time the user spent on the training assignment
- Downloadable completion certificates available for that user
The events timeline, located at the bottom of your user's profile, shows a complete history of your user's interaction with tests and training in the console over time. You can use the drop-down fields at the top to filter your results if you are looking for specific events or events within a specific time frame.
Use the Event Type drop-down menu to select a type of event. To select multiple options, after you've selected an event type, click the drop-down menu again and select another option. You can remove an event type from the filter by clicking the 'x' next to the name of the event type. You can also use the Date Range drop-down to specify a time range. You can even use this option to specify a custom date range.
The event timeline begins when the user is added to the console and records all of the below events:
- General user events
- User was created
- User logged in
- Phishing test-related events
- User received an email
- User clicked a link
- User opened an attachment
- User reported an email using the PAB
- Training-related events
- User was added to a training campaign
- User started a training assignment
- User completed a training assignment
- User's email was found in a security breach (part of VRO/Risk calculation)
- A click or other failure type was removed from phishing test results
Data breach involvement events may appear on the timeline as happening before your user was added to the console, as they respect the dates that a data breach was reported. For example, a user who was added in 2018 may have been found to be part of a data breach that was reported in 2012.