Vertafore Single Sign-On Change Notification
We want to remind all admins of the upcoming changes to VSSO (Vertafore Single Sign-On). During our regular maintenance window on the evening of September 4, 2020, we will be upgrading the VSSO login experience as well as improving security settings within the application. No additional action is required by customers with this change.
How will you be impacted?
- The login experience for Vertafore solutions through VSSO will look and feel different.
- On the login screen, you can log in, recover your password, or change your password.
- For VSSO-enabled users: On the new login screen the client will put in their email address and click Next, where they will then be prompted to enter in their password.
- For FSSO-enabled users: On the new login screen the client will put in their email address and click Next, where they will then be navigated to their company's enabled SSO service.
Note |
VSSO-enabled users will be able to update their passwords on the new password screen; however, FSSO-enabled users will have to update their passwords through their company's enabled SSO service. |
-
When logging in currently, the user goes to their product login such as www.ams360.com or https://rating.vertafore.com. That login will redirect to the new VSSO login page just like it did with the old VSSO login page. If a user needs to go directly to VSSO (outside of a product), they should use the same URL as in the past > https://vim.identity.vertafore.com/VIM/. For those agencies that restrict access to URLs, you may need to add login.apps.vertafore.com to the whitelist if users report issues getting to the VSSO Login page.
-
All previous security questions utilized during password resets will be removed from the application. Vertafore will transition from security questions to email verification to create additional security for our customers by using an additional distinct factor to confirm an end user’s identity. This helps customers to align with industry standards regarding the use of different factors such as something you know compared to something you have. Additionally, security questions are often repeated by different services and typically contain personal information. By changing to an email confirmation, it provides the benefit of reducing the amount of personal information that a company retains for security questions.
Vertafore is committed to educating you on these changes before they occur, as well as helping you to understand how they may impact you and your business, so you can continue to focus on serving your customers.
We encourage you to share these updates with your team members. If you have any questions or need additional assistance, please reach out to Vertafore Customer Support through MyVertafore or by calling 1.800.444.4813.
-
We will no longer use Security Questions
-
Password Resets will now use an email confirmation flow
-
If you forget your password, click on Forgot Password.
-
When prompted, enter the email associated with your login and click on Send Request. When you click Send Request, you receive will an Account Recovery message.
Forgot Password
Account Recovery
Reset Your Password Message
- In your email inbox, you will see a new email from Vertafore. You will then Click here to reset your password.
Vertafore Email
- You will be redirected back to the reset password page at which point you can enter and confirm your new password. Click on Reset when you are ready.
Reset Password
-
Your password will be reset, and you will be presented with the following Success screen. Click on Continue and you will be redirected back to your applications login screen, enter your credentials and your application will load.
Account Recovery Success
- The Change Password function will allow you to change a password you know to a new one.
-
To change your password, click on Change Password. You do not need to enter email on the first screen.
Change Password
-
When prompted, enter the email associated with your login and your current password at the top. The password policy can be seen by clicking the arrows on the screen to show and hide the policy.
-
When ready, you can enter the new password and confirm it. If you click on Submit, the password will be changed, and you will get a success screen. Click Continue to be directed back to the login screen for your application where you can sign on with your new credentials.
Password Requirements
Change Password Success
-
When you login and your password is within the expiring limit, currently three days, you will get a warning:
Password Expiring
-
You will have two Options:
-
Change the password now and you will go through the Change Password flow and be directed back to your application afterwards. If you click on cancel during the change password flow, you will get the warning again the next time you login.
-
Click Change it later and the warning will snooze and not prompt you again for 24 hours.
-
-
Login Behavior
-
Multi-Factor Authentication (MFA)
-
Usernames and passwords
-
Password Expiration Policy
-
Frequency on how often you can change your password
Q: What happens when you enter your password wrong three times in a row and get locked out? Will you still be locked out for 15 minutes? What happens after the 15 minutes?
- A:Yes, this is unchanged and will remain at 15 minutes.
Q:Will the new user emails expire?
- A: Yes, this will be unchanged, and these emails expire in two hours. Follow the standard process for asking for a new user email.
Q: Will password reset emails expire?
- A: Yes, the self-service email for forgot password form the logon screen will expire in 10 minutes. You will need to re-request a new one from the logon screen.
Q: Will login activity still be shown on the VIM Admin activity screen?
- A: Yes, it should be the same as this information comes from VIM Database.