Alpha Authentication
Overview of authentication methods in Alpha Platform
Authentication
Alpha Platform supports multiple authentication methods to ensure secure and convenient access.
Supported Authentication Methods
| Method | Description | Best For |
|---|---|---|
| Email/Password | Traditional credentials | All users |
| Magic Link | Passwordless email link | Quick access |
| OAuth/SSO | Google, Microsoft sign-in | Enterprise users |
| Passkey | Biometric/hardware key | High security |
Security Features
Session Management
- Sessions expire after 24 hours of inactivity
- Active sessions can be viewed and terminated
- Multi-device login is supported
Two-Factor Authentication
Additional security layer available:
- Time-based one-time passwords (TOTP)
- Hardware security keys
- Passkey authentication
Authentication Flow
Account Creation
Users cannot self-register. Accounts are created through:
- Administrator invitation - Admin sends email invitation
- Buyer registration - Through construction project portal
- E-commerce registration - Through shop module (if enabled)
Best Practices
For Users
- Use a strong, unique password
- Enable passkey authentication for convenience and security
- Sign out from shared devices
- Report suspicious activity immediately
For Administrators
- Enforce minimum password complexity
- Review active users periodically
- Remove access for departed employees promptly
- Monitor failed login attempts