OnBoard Authentication has 2 parts - Username and Password.
Let's say your directors use Google (or yahoo/MS Live) as the authentication source.
The following needs to be understood:
- ONLY the authentication is handled by Google (Yahoo/MS Live). This ensures that even Passageways staff does not have access to your login information. Also, none of your board information ever goes to a Google (Yahoo/MS Live) server. This provides a key set of security checks and balances.
- Instead of authenticating on our website, we let Google confirm you are who you say you are, and then let you into the organization you have created on our servers, which is different than the authentication source.
- This means that instead of a username such as "johndoe" on our servers, your directors may use "firstname.lastname@example.org" (on the authentication source's servers). The password would/could have been the same in either case.
- We don't need your directors to use Google after the very first time when the directors (or your staff, as a proxy for them) needs to go and accept the invitation you have sent to them.
- For more information on sites to allow for OnBoard authentication access, please click here.
- Thereafter, you get to pick another email (whatever they commonly use) to get notifications on new information from Passageways. So the notification email can be of your choice, even if you use Google for authentication. In summary, there is a difference between the authentication email and the notifications email (which is the mailbox you use on an ongoing basis to get your board notifications).
- The convenience really kicks in if your directors use the same Google credentials for other boards that they may serve on, or for any other website that accepts Google authentication - including Amazon, Facebook etc.