Use this form to create new users or edit existing user accounts. Each user requires a unique username and password to access the system.
User accounts control who can log in to your accounting system and what they can do once logged in.
The form contains the following fields for setting up user accounts:
Enter the full name of the user. This appears in the user list and helps identify who has access to the system.
Use their real name for accountability and audit trail purposes.
Enter the user's email address. This serves multiple purposes:
- Users can log in using their email address instead of username
- System notifications and password reset links will be sent to this address
- Must be unique across all users in the system
Enter a unique username for login purposes. This is the primary way users access the system.
Choose usernames that are easy to remember but secure, avoiding common names or simple patterns.
Set a secure password for the user. This password must be kept confidential and shared only with the user.
Strong passwords should include a mix of uppercase, lowercase, numbers, and special characters.
Consider using a password manager to generate and store complex passwords securely.
Select the appropriate user type based on the level of access required:
Administrator - Full system access including:
- Create, edit, and delete all businesses
- Manage all users and their permissions
- Access system settings and configurations
- View and modify all data across all businesses
Restricted user - Limited access with these restrictions:
- Can only access businesses specifically assigned to them
- Cannot view or manage other users
- Cannot create new businesses
- Ideal for accountants, bookkeepers, or staff who need access to specific businesses only
For restricted users, select which businesses they can access. This list shows all businesses in the system.
Users will only see and can only work with the businesses you assign to them here.
You can update this list anytime to grant or revoke access to specific businesses.
List of active sessions for this user. Sessions track login activity and devices.
Current session data for authentication tracking.
Check this box to require two-factor authentication for enhanced security. This adds an extra layer of protection beyond just the password.
When enabled, users must:
1. Install an authenticator app (like Google Authenticator or Microsoft Authenticator) on their mobile device
2. Scan a QR code on their first login to link their account
3. Enter a 6-digit code from their app each time they log in
This significantly reduces the risk of unauthorized access even if passwords are compromised.
Indicates whether the user has completed multi-factor authentication setup.
When creating user accounts, follow these best practices:
- Use strong, unique passwords for each user
- Enable multi-factor authentication for sensitive accounts
- Regularly review and update user permissions
- Remove access for users who no longer need it
Choose the appropriate user type based on the access level required:
Administrator users have full system access and can manage all businesses and settings.
Restricted users can only access specific businesses assigned to them, making this ideal for accountants or staff who work with limited clients.