Concerns‎ > ‎

IP Checking Security Feature

W2W prevents users from sharing url links for security reasons.  Active links should never be shared.

Each user should be accessing our system using their own individual username and password or you can export to Google Calendar and share that calendar with people that need access to published schedules without a login

Because our system is checking your IP address during your session, if your IP address changes this will log you out and show this error message:

Your computer's IP address just changed,
so your session was expired for security reasons.
 

If you see the error message: This indicates that your computer or network may be running a program that is periodically changing the IP address of your computer.  When this happens, whether you have been accessing your account just a second ago or several minutes ago, you will see a "Session Expired" notice.  This is because for security reasons our system ties your computer's IP address with your session ID, and if a different IP address tries to access that same SID, our system will not allow it and shows the session expired warning.

If you are the main manager on the account, you can go to SETTINGS > Company/My Info and set "IP CHECKING Security Feature" to On or Off for the entire account. 

If you turn this feature Off, then our system will not check IP addresses for any user in the account and  users will not be kicked out of the system when their IP address changes. This only recommended in cases where your organization runs load balancing software, or IP changes during sessions cannot be avoided.

For added security, note that In addition to tying the regular login page session to a specific IP address, the user can also click the ‘Sign Out’ link on their session when they are done with it to ensure someone cannot try to use the old session link at a later time even if on the same IP address once the session has gone dormant for more than 20 minutes. 


We always recommend using the ‘Sign Out’ link whenever logging in from a shared computer or device and never sharing a live session link with others on the same IP address as that gives access to their session until signed out.

 

Note our mobile logins and app sessions do NOT require a static IP address as mobile use often changes IP addresses in mobile connections, so using ‘Sign Out’ is important there if using on a shared mobile device.



employee kicked out, expired session, error message kicks me out off