Skip to main content

Device Recognition and Trusted Device Management in PyjamaHR: Preventing Account Lockouts and Ensuring Secure Access

Updated over 4 months ago

Executive Summary

PyjamaHR uses advanced device recognition and trusted device management to protect your account from unauthorized access and hijacking. This system automatically detects logins from new devices, locations, or browsers, and flags suspicious activity—sometimes resulting in temporary account suspension. Understanding how device recognition works, how to manage trusted devices, and best practices for multi-device access will help you avoid lockouts, maintain compliance, and keep your team productive.

Detailed Overview

What Is Device Recognition and Trusted Device Management?

Device recognition in PyjamaHR is an automated security feature that tracks which devices, browsers, and locations are used to access your account. If the system detects logins from multiple devices, locations, or browsers—especially simultaneously—it may flag the account for "suspicious activity" and temporarily suspend access. This is part of PyjamaHR’s SOC-2 compliance and anti-hijacking protocols, designed to prevent account takeovers, credential sharing, and unauthorized access.

Key Business Benefits:
- Prevents account hijacking and data breaches
- Ensures compliance with SOC-2 and industry best practices
- Protects sensitive candidate and company data
- Encourages proper user management and access control

When and Why Is This Used?

  • Multiple logins from different devices or locations (e.g., laptop at home and desktop at office, or India and Dubai) are detected.

  • Simultaneous logins from more than one device or browser.

  • Credential sharing among team members instead of using separate user accounts.

  • Frequent changes in IP address (e.g., using dynamic VPNs or traveling).

  • Login from a new device, browser, or location not previously associated with the account.

Integration with Other PyjamaHR Features:
- Works alongside user access management (Super Admin, Admin, Recruiter, Hiring Manager, External Recruiter, Interviewer roles).
- Tied to the security system that also manages password resets, 2FA, and account recovery.
- Impacts billing if multiple users are required (each user must have their own login).

Step-by-Step Guide: Managing Devices and Avoiding Account Lockouts

1. Understand PyjamaHR’s Device Policy

  • One user credential = one person, one device at a time.

  • Do not share your login credentials with others.

  • Each team member should have their own user account.

2. Adding Team Members Properly

  • Go to Settings > Team Members.

  • Click Invite Team Member and assign the appropriate role (Super Admin, Admin, Recruiter, etc.).

  • Only invite as many users as your subscription allows; additional users are billable.

3. Logging in from Multiple Devices

  • You may log in from more than one device (e.g., laptop and mobile), but not at the same time.

  • Always log out from one device before logging in on another.

  • Avoid simultaneous logins from different browsers or devices.

4. Traveling or Using VPNs

  • If you travel or use a VPN, your location may change frequently.

  • Prefer static IP VPNs over dynamic IP VPNs to avoid triggering security flags.

  • Notify your team and support if you expect to work from multiple locations.

5. What to Do If You’re Locked Out

  • If you see “Suspicious activity detected. Your account has been flagged for suspicious activity. For security reasons, access has been temporarily suspended. Please contact support to restore access.”:

    1. Stop trying to log in from multiple devices.

    2. Contact PyjamaHR support with your registered email and phone number.

    3. Be ready to verify your identity and explain your login pattern (e.g., “I was traveling,” “I changed laptops,” etc.).

    4. Support will manually review and restore access, usually after a quick call.

6. Resetting Your Password

  • After access is restored, change your password to ensure security.

  • Use the “Forgot Password” link on the login page.

7. Managing Trusted Devices

  • PyjamaHR does not currently offer a manual “trusted device” list, but you can minimize issues by:

    • Using the same device(s) regularly.

    • Avoiding frequent device or browser changes.

    • Not sharing credentials.

[Screenshot Callouts:
- Settings > Team Members (showing how to invite users)
- Error message: “Suspicious activity detected”
- Password reset screen]

Advanced Usage & Best Practices

Power User Tips

  • Assign proper roles: Use the correct user access type for each team member (see Understanding Access Types).

  • External Recruiters and Interviewers: These roles are non-billable and can be added for limited access without extra cost.

  • Static IP VPNs: If your company uses VPNs, configure them to use static IPs to avoid triggering security flags.

  • Device Registration: If you must use multiple devices (e.g., office and home), inform support in advance and provide device details.

Do’s and Don’ts

Do:
- Add every user as a separate account.
- Log out from one device before logging in on another.
- Use the same browser and device as much as possible.
- Notify support if you expect unusual login patterns (travel, device change, etc.).

Don’t:
- Share your credentials with colleagues or assistants.
- Stay logged in on multiple devices at the same time.
- Use dynamic VPNs that change your IP address frequently.
- Ignore repeated lockouts—this may result in permanent restrictions.

Troubleshooting & Common Issues

Common Error Messages and Solutions

“Suspicious activity detected. Your account has been flagged for suspicious activity. For security reasons, access has been temporarily suspended. Please contact support to restore access.”
- Solution: Contact support with your registered email and phone number. Explain your login situation. Support will verify and restore access.

“Account locked after logging in from a new device/location.”
- Solution: Wait for support to review. In the future, avoid simultaneous logins and notify support if you expect to change devices/locations.

“I only use one device, but still got flagged.”
- Solution: Check if you are logged in on multiple browsers or if your device’s IP changes (e.g., due to VPN or mobile data). Log out from all devices and log in again.

“My whole team is locked out.”
- Solution: Only the flagged user is locked out; other users should still have access. If not, contact support.

“I need to transfer Super Admin access.”
- Solution: Invite the new Super Admin as a user, then remove the old one.

“I want to use my account on both my laptop and mobile.”
- Solution: Allowed, but not simultaneously. Always log out from one before logging in on the other.

Recovery Procedures

  • Contact support via chat or phone with your registered details.

  • Explain your login pattern (travel, device change, etc.).

  • Reset your password after access is restored.

  • Add all team members as users to avoid future lockouts.

When to Contact Support

  • You are locked out and cannot resolve with a password reset.

  • You need to register a new device or location.

  • You have a complex team structure (multiple offices, remote work, etc.).

  • You need to transfer Super Admin access.

Comprehensive FAQ

1. Why did my account get flagged for multiple logins?

PyjamaHR detected logins from different devices, browsers, or locations (sometimes simultaneously), which triggers the security system to prevent unauthorized access.

2. Can I use my account on both my laptop and mobile?

Yes, but not at the same time. Always log out from one device before logging in on another.

3. Can my assistant or team member use my credentials?

No. Each user must have their own login. Sharing credentials will result in account lockout.

4. What if I travel or work from multiple locations?

Notify support in advance if you expect to log in from new locations. Avoid simultaneous logins from different places.

5. Can I use a VPN?

Yes, but use a static IP VPN. Dynamic IP VPNs may trigger security flags due to frequent IP changes.

6. How do I add more users?

Go to Settings > Team Members > Invite Team Member. Assign the appropriate role. Additional users are billable.

7. What if my account is locked and I need urgent access?

Contact support with your registered email and phone number. Explain your situation for expedited review.

8. Can I see or manage a list of trusted devices?

Not currently. Minimize device changes and use the same device(s) regularly.

9. How do I transfer Super Admin access?

Invite the new Super Admin as a user, then remove the old one.

10. Can I log in from different browsers on the same device?

Avoid simultaneous logins from multiple browsers. Log out from one before using another.

11. What if my team is remote or distributed?

Each user must have their own login. If you have a distributed team, purchase additional user licenses.

12. What if I get flagged repeatedly even after following the rules?

Contact support. There may be an issue with your network (e.g., dynamic IPs) or device setup.

Related Features & Next Steps

Connected PyjamaHR Features

  • User Access Management: Assign roles and manage permissions for each team member.

  • Two-Factor Authentication (2FA): Adds an extra layer of security.

  • Password Reset: Use if you suspect your account is compromised.

  • Audit Logs: Track user activity for compliance.

  • Review and update your team’s user access regularly.

  • Educate your team on proper login practices.

  • Set up static IP VPNs if your team works remotely.

  • Use 2FA for all users.

Summary

Device recognition and trusted device management in PyjamaHR are critical for account security and compliance. By following best practices—using individual logins, avoiding simultaneous device use, and notifying support of changes—you can prevent lockouts and keep your hiring operations running smoothly. For complex scenarios or recurring issues, always reach out to PyjamaHR support for personalized assistance.

Did this answer your question?