Locked Account

Locked Employee Account Information and Troubleshooting

This article will help with finding out how to resolve a locked employee account.

Determining the Locked Reason Code

When an account locks, a reason code will be seen in the audit trail. The reason code will help with identifying why the account was locked. To find the the reason code, see the steps below: 
  1. To find the lock reason code, navigate to the hamburger menu > team icon > My Team > Employee Information. 
  2. On the Employee Information page, click on the quick link icon  for the employee that has the a locked account and click on "Account Audit Trail".
  3. In this page, adjust your date range to be around the time the account was locked which can be done by clicking in the upper right hand area in the date range pill. 
  4. For the "Field Disc" filter, type "Locked Reason" > refresh the report. 

  5. The "New Value" column will display the a code which is the reason the account was locked. 
The locked account reason codes can be found below: 

Resolving the Locked Account Reason

  1. Code 1: VCA Cleared: indicates that the account was manually locked.
  2. Code 2: Invalid Attempts: indicates the employee entered the password incorrectly too many times. 
    1. By default, the account will typically unlock after 30 minutes.
  3. Code 3: New Account Time Limit Exceeded: Checks to see if a new account has logged in during the grace period.
    1. Typically this is 15 days from the account being created.  
  4. Code 8: The accountwas flagged due to being locked within an import.
    1. Implementation will typically unlock these accounts
  5. Code 9: VCA Approval Time Limit Exceeded: Indicates that VCA wasn't approved within the grace period
    1. There is a 72-hour grace period. 
    2. What is VCA? See the Two Factor Authentication section below.
  6. Code 10: VCA Invalid Attempts Exceeded: this code indicates the employee entered the wrong code that was sent to their device too many times. 

When in Doubt: Unlock > Reset > Clear the VCA

If accounts continue to lock, the following will ensure that accounts do not keep locking. 
  1. Navigate to the hamburger menu > team icon > HR Employee Maintenance > Password Unlock
    1. Choose the employees by clicking on the browse icon and check the boxes of the employees that need to be unlocked > Click "APPLY".
    2. Click "UNLOCK" located in the upper right-hand area. 
  2. Navigate to the hamburger menu > team icon > HR Employee Maintenance > Password Reset
    1. Choose the employees by clicking on the browse icon and check the boxes of the employees that need to be reset > Click "APPLY".
    2. Click "RESET PASSWORD" located in the upper right-hand area. 
  3. Two-factor authentication can be clear in one of two ways:
    1. Navigate to the employee's account (Employee Information) > Find the "Two-Factor Authentication" widget > Click "CLEAR VIRTUAL CODE SETTINGS". 
    2. OR: You may clear the two-factor authentication in mass by navigating to the hamburger menu > Cog icon > Mass Edit > Mass Edit Profiles > Check the boxes for the accounts that need to be cleared > Click "MASS EDIT" > Find the "Misc. Fields" widget > "Clear Virtual Code Settings". > click "APPLY CHANGE".

What is Two Factor Authentication? 

Two Factor Authentication (2FA) is a required functionality for all account users that have access to sensitive data, including company admins, managers, and employees. This will send a number code for a user to enter as a second factor to be able to log in to their Elevated account. 

By default, when the account is created, the email and phone that was entered will be the default when users first log in and could be used to receive the authentication code. During the first login, the user may change the email or phone to send the code , and if they do, the VCA Admin list will receive a to do to approve the changes. If the changes aren't approved within 72 hours, the account will lock. If the VCA is not approved within 72 hours, then unlocking the account, and clearing the VCA must be done.  


    • Related Articles

    • Management - Employee Information

      https://zwdrive.com/x2bQQx
    • Mobile App Instructions & Troubleshooting

      Upon adding a new hire or account in Green Leaf Elevated, the end user will receive an email indicating that they must log in on the web to activate and reset their password. They are also given instructions on how to download the mobile app. By ...
    • How to Re-Send Account Created Email

      How to Re-Send Account Created Email Navigate to Hamburger Menu > Team Icon > My Team > Employee Information Locate the Employee(s) you're resending the email to select the checkbox next to their name, then click the ellipses on the right of the ...
    • Employee Notes

       updates notes on employee profiles, you may go into the employee profile and add notes under the icon seen below. Navigation: Hamburger Menu > Team Icon > My Team > Employee Information > Click on the Employee Information icon      Then with the ...
    • Credentials - User Name, Password, Login.

      By default, when you add a new hire, as soon as you activate the "account"/employee profile, the new account (even if this is adding an accountant) will receive an email with a login landing site, company short name, user name and the password ...