At Dynamics ATS, we prioritize the security and confidentiality of user data. Below are the key details about authentication and security protocols for our portals:
Password Storage
User passwords are stored securely using SHA-256 password hashing. This ensures passwords cannot be decrypted. If a user forgets their password, they will need to go through the password recovery process to regain access.
Third-Party Authentication
For users logging in via third-party providers like Microsoft or Google, the system only stores the provider's ID linked to the user’s email. The actual password stays managed by the third-party provider and is not stored in our system.
Data Handling
User data is handled securely and only retrieved during active sessions:
Data is fetched from CRM using the Dynamics REST API over HTTPS when the user logs in.
No data is cached or stored locally after logout, ensuring that no sensitive information remains accessible.
Security Protocols
To keep robust security:
All data transactions are conducted over HTTPS for encrypted communication.
Portals are safeguarded by a Web Application Firewall (WAF), which helps defend against web application attacks, such as SQL injection or cross-site scripting (XSS).
Two-factor authentication (2FA)
Our portals support multi-factor authentication (MFA), allowing users to provide an extra layer of security for their accounts. This optional feature enhances protection by requiring an additional verification step beyond the password.
For further questions or help, please contact our support team.