Answer
To further improve security, Lightning Payroll now allows you to create user profiles and set permissions for each user profile individually. This gives you complete control over who can access your Lightning Payroll and what data they can view or actions they can take.
Setting up users is very easy, but before you start, you need to set a password for the application administator. The application administrator can setup other users and determine what kind of access they have within Lightning Payroll.
Setting Up Users
To setup the application administrator, you'll need to go to Settings >> Password And Security and enter an application administrator password.
Once this is done, you can begin adding users to Lightning Payroll.
To do this, click on the Add New User button. You will be prompted to add a username and email address (for password reset emails), along with the user's login password. Finally, you can select which companies a user has access to.
Once you've clicked Save, the user will be added. You can then select the App Permissions assigned to that user for each section of the program.
App permissions fall into three categories:
- Locked? (Cannot access section)
- Read Only? (Can view, but not change data in section)
- Editable? (Full access to section)
You can select which permission you'd like the user to have for a particular section by clicking in the appropriate box. The image below shows our test user John Doe being assigned 'Editable' permissions for the Employees and Pays sections of the program, but 'Read Only' permissions for the rest of the sections.
You may notice that the Settings, Entities and Tools sections have (G) next to them - these sections of the program are used across multiple companies (if you have multiple companies set up within Lightning Payroll). In the example above, if we had more than one company in Lightning Payroll, John Doe would have 'Read Only' permissions for Settings, Entities and Tools across all companies.
Editing or Removing Users
The application administrator can edit the permissions for users, or remove users whenever required.
Deleting a user will not remove any of the work they have completed in Lightning Payroll, it will simply prevent them from logging into the program going forward.
Logging In as a User and Logging Out
When opening Lightning Payroll, you will be asked to choose which user you would like to login as; select the user from the username drop-down menu, then enter the password for that user.
To log out of a user, simply close Lightning Payroll.
Forgotten Password
If the application administrator has forgotten their password, they can attempt to enter their password three times at the login screen; after the third failed attempt, the program will shut down, and a recovery password will be sent to the email address registered to the Lightning Payroll subscription.
The process is the same for a non-administrator user who forgets their password to receive a temporary access password to their own email address. However, please keep in mind that only the application administrator can change non-administrator users' passwords permanently, by clicking Edit Selected User in the Settings >> Password And Security section of Lightning Payroll.
Lightning Payroll Web Application: User Management System
To start setting up user accounts in the web application of Lightning Payroll, you will need to navigate to Settings > User Management.
To begin adding users, click the Add New User button. You will be prompted to add a username and an email address, along with the companies this user has access to.
Once you've clicked save, a new user will be added. The user will be sent an email with their username and a link to allow them to set a password for their account. They must follow this link and set a password before they are able to log in.
With the user added, you can now select what permissions this user has to access each section of the program. The permissions categories remain the same as on the desktop app, and are categorised into Locked, Read Only and Editable modes.
You can select which permission you'd like the user to have for a particular section by clicking in the appropriate box.
The account holder/administrator can edit the permissions for users, or remove users whenever required. Deleting a user will not remove any work they have completed in Lightning Payroll, it will simply prevent them from logging in from there onwards.
Users log into the web application through the same login address as usual, although they will need to use their username as opposed to their email address when logging in. Once the details are entered and the two-factor authentication is complete, they will log into your database.
To log out of a user, use the Logout button located in the sidebar.
If an administrator or a user has forgotten their password, they can request to have it reset via the "Forgot password?" button displayed on the login screen. The same rule applies here, where administrators will use their registered email, and users will use their username when requesting to reset their password.