Storable ID: Pre-configuration guide + FAQ

What is Storable ID?

With Storable ID, you can log into Storable Easy - and eventually, all Storable applications - with a single user account instead of separate logins per app or facility. A new Single Sign On (SSO) dashboard has been created for this purpose and includes Multi-Factor Authentication (MFA) for enhanced security. Storable ID also gives you full administrative user management. You will no longer need to reach out to Storable Easy Support to reset passwords, resolve account lockouts, or complete other user management tasks.

This FAQ includes answers to common questions about implementing Storable ID and preregistration steps to ensure a smooth transition.

Does my organization need to implement MFA?

Registering your organization for Storable ID is optional but recommended for enhanced security and PCI compliance. To meet Payment Card Industry Data Security Standard (PCI DSS) protocols, your organization may be required to implement Multi-Factor Authentication (MFA) by March 31, 2025. Creating a Storable ID allows you to transition your company’s login process to meet this requirement.

The most common category of cyberattack is account compromise, in which cybercriminals obtain valid credentials either from the dark web or by tricking individuals into providing their login credentials. Once acquired, these credentials let attackers easily log into your systems and access sensitive operational and tenant data.

The most effective way to prevent this type of attack is by implementing Multi-Factor Authentication (MFA). A Microsoft study found MFA to be 99.9% effective at blocking account compromise attacks. It’s also worth noting that beginning on March 31st, PCI DSS will require MFA for any system with access to cardholder data.

How does logging into Storable Easy with a Storable ID work?

If you choose to enroll your organization in Storable ID, the Storable Easy login screen will be updated to redirect users to the Storable SSO dashboard when they click the Log in button. After clicking Log in, the SSO dashboard login screen will open in your internet browser. Users will be prompted to set up an authentication method on the first login. At future logins, users will be asked to enter their login credentials and a verification code from their verification method.

If users on your account access more than one Storable FMS (Storable Edge, SiteLink by Storable, or Storable Easy), they can use their Storable ID to log in to all applicable software.

What should I be aware of before registering my organization for Storable ID?

  • Once Storable ID is turned on for your organization, it cannot be turned off.
  • If you enable Storable ID for your organization, it will be turned on for all facilities associated with your Storable Easy company.
  • Storable ID requires Multi-Factor Authentication (MFA) and users can utilize one or more of the following methods of authentication: Google Authenticator, Okta Verify App, Security Key or Biometric Authentication, and/or Email.
  • After registration, all users on your account will be prompted to set up a Storable ID and MFA. 
  • You will have the choice to make Storable ID required or optional for users. Please note that MFA is required for PCI compliance.
  • User roles (Managers and Sales Associates) and settings of existing users will not change when using Storable ID. Once Storable ID is implemented for your organization, users will be created and configured in the Storable ID portal instead of within Storable Easy. Portal Admins can reset passwords, resolve account lockouts, and manage users in the Storable ID portal.

What do I need to do before registering?

1. Identify the administrative user who will be responsible for implementing Storable ID. Only one user should activate and configure your Storable ID settings. If MFA is activated without consulting the rest of your team or if multiple users attempt to activate Storable ID, your organization will likely experience widespread login issues.

2. If your employees share email addresses, we recommend giving each user an individual company email to simplify registration, login, and MFA. If you choose not to provide individual email addresses, please be aware of the following:

    • Each employee who shares an email address will need to create a unique username. The username doesn’t have to be a valid email but must be formatted as an email address (Ex: john.doe@yourcompany.com). We recommend identifying the username format you wish your employees to use.
    • Employees with a shared email may not be able to reset their own passwords via email and may be required to contact an Admin user to get a temporary password.
    • If employees with a shared email make too many login attempts, they will be required to contact an Admin to unlock their account.

3. Decide which authentication method(s) you will allow your users to choose from. You can select one or more of the following: the Google Authenticator app, the Okta Verify app, Security Key or Biometric Authentication, and/or Email. If you choose Google Authenticator and/or Okta Verify, users must download the desired app on their phones.

4. Decide if you will make Storable ID optional or required. If Storable ID is optional, users will be prompted to set up Storable ID each time they log in; however, they can skip setting it up. We recommend starting with this setting as optional and choosing a date to make it required. This gives your employees time to complete registration while ensuring they can still access the system if any issues arise while it is optional. Be sure to communicate with your team throughout the process so everyone is prepared before access becomes mandatory. Once you make Storable ID required, you cannot change it back to optional.

5. Decide which security settings you want users to have.

  • Lock-out policy for failed attempts: Should users get locked out of the software after failing to log in? If so, how many attempts will you allow before lockout? The maximum number of attempts you can set is 10. Users who get locked out will need to contact an administrator at your organization to regain access. 
  • Multi-factor challenge frequency: How often will users need to complete an MFA challenge? You can set challenge frequency between 1 and 14 days.

6. Communicate with your organization.

  • Communicate with owners about registration and who will register.
  • Communicate with non-owners about what to expect after registration (e.g., they will be prompted to set up their Storable ID and MFA. Depending on your settings, they may need to download an authentication app).
  • If users will be using Google Authenticator or Okta Verify, you may want to encourage users to install the correct app in advance. Please be aware that there may be copycat apps in the App Store, and ensure everyone is using the official app. Google Authenticator and Okta Verify do not cost anything.
  • We’ve created communication recommendations and a template to help you communicate with your employees.

What resources are available to help me set up Storable ID at my organization?

To support you in rolling out Storable ID, we've put together helpful resources:

Enable Storable ID and configure your Storable ID settings

Once you're ready to enable Storable ID, follow the instructions in our article: Storable ID Enablement guide for Admins.

Please note: The first person to go through the MFA configuration process will be marked as the sole Admin for your account. By default, this person will be the only one who can add, delete, or edit existing users in addition to making MFA settings adjustments. If you would like to grant an additional user these permissions, you can do so by applying the Admin role to their user profile in the Storable ID portal.
