
Locking User Accounts After a Security Breach

In the event of a security breach, System Administrators can take immediate action to prevent further unauthorised access by locking affected user accounts.

Note

The following can only be performed by a System Administrator.

Step 1 – Access the User Administration Area

  1. Navigate to Administration → Users from the Menu Button.

  2. Use the filters or search options to identify the users whose access needs to be revoked.

  3. Select one or more user records by ticking the checkboxes next to each username.

[Image: User Admin Select All Users]

Selecting Multiple Users

Clicking the checkbox at the top of the user list will only select the records currently visible on the page.
If your filter criteria match more records than are displayed, use the menu option shown in the preceding image to choose Select All Results. This will select all matching records across all pages.

  4. Click the Mass Update button.

[Image: User Admin Mass Update Menu Option]

  5. In the Mass Update modal:
  • Select the Is Active field.

[Image: User Admin Mass Update Is Active Field Selection]

  • Set the Is Active field to False.

[Image: User Admin Mass Update Is Active Field False]

  6. Click Update to confirm the mass update.

Note

Any user account set to Inactive will be immediately prevented from logging in. If a user is already logged in when this change occurs, they will be automatically logged out.


Step 2 – Reset User Passwords

Once user accounts have been deactivated, System Administrators should reset user passwords to maintain system security and prevent unauthorised access.

There are several different ways to reset a user's password, depending on your need:


Additional Recommendations

  • Communicate Internally: Notify relevant stakeholders about the breach and actions taken.
  • Audit Logs: Review login and activity logs to identify any suspicious access.
  • 2FA Enforcement: Confirm that all reactivated accounts are configured with two-factor authentication.
  • Review Permissions: Evaluate Role and Permission settings to ensure no excessive access exists.

Taking swift action to lock accounts and reset credentials is critical to preserving the security of your system.

