To support security best practices, 6sense must ensure that users are made aware of logins to their account from new locations or devices in case their account may be compromised. In doing so, we’re deprecating our old way of notifying users of new logins within the platform UI due to low visibility, and switching to email-based notifications. That way, users can view the notification even when not actively using the platform.
What does this mean?
Whenever 6sense detects that a user may be logging in from a new IP address or browser, we will alert the user via email that we are seeing a new login to their account. Note that changes to the browser such as version upgrades, incognito/privacy mode, or losing the browser_id tracking cookie may cause the browser to be detected as a new browser.
If the user recognizes the login activity as theirs, they can formally approve it via a link in the email so we can track the approval in the backend as a formally safe-listed login location. They can also reach out to our team for further investigation if the login location appears to be suspicious.
We are not currently blocking un-approved login locations, but we are tracking whether login locations are approved or un-approved. If we support blocking un-approved logins at a later date, it will leverage this approval tracking process to control access to their account.
Who does this impact?
This only impacts customers using basic password-based authentication. For customers leveraging SAML SSO authentication, their Identity Provider should already be performing this login location tracking for them, so these users will not be affected as we do not want to interfere with their internal security procedures.