Setting Up Login Options

The Login Setup window allows administrators to set login defaults for your firm, such as the mode of authentication (either CCH Axcess or Federation Services), session timeout parameters, and password configuration.

Notes:

  • New firms and firms using the CCH Axcess or Federation Services method can no longer select to use the Active Directory® method. This method will be removed in the near future. Until then, firms who already use Active Directory® are not impacted by this change.
  • For firms that prefer to use Active Directory® authentication, we recommend using the Federation Services method. New Federation Services implementations should be the Passive type. The Active type is only available to firms who have previously set up that type.

To set up your login configuration, do the following:

  1. Open Dashboard, click Application Links on the navigation panel, and then click Firm settings and defaults under Firm.
  2. Click Login Setup on the navigation panel.
  3. Select a login mode, and then set the configuration options for that mode.
    • ClosedCCH Axcess.
    • ClosedActive Directory®.
    • Note: We recommend for firms that prefer to use Active Directory authentication select the Federation Services method.

    • Federation Services
    • This option is unavailable until you have selected Enable Pilot mode for Federation login and successfully completed a pilot test by the default system administratorClosed A user account created at installation with full rights and ownership of the organizational structure..

    • Once you select this option, the Federation Services Login setup window displays. Confirm the settings from the pilot test and click Finish.
    • ImportantWolters Kluwer may need to make changes to your account to ensure continued access to CCH Axcess after you implement Federation Services. Before beginning Federation Services setup, we recommend reviewing the knowledge base article Planning for Changes to CCH Axcess Login Mode, and then contacting Wolters Kluwer so we can make the necessary changes.

    • ClosedExplain the components of the window.

      *These options are available after Federation login settings are established.

  4. Click OK to save your changes.

Comparison of Login Options

The following table compares the behavior based on your authentication method.

Notes:

  • Your firm must already be set up to use the Active Directory® login method. Firms using the CCH Axcess or Federation Services method cannot change to the Active Directory® method.
  • CCH Axcess defaults to using a secure connection to read from Active Directory®. If your server cannot support secured connections, you must modify the CCH Axcess settings to revert to a standard connection.
      CCH Axcess   Active Directory Federation Services
Active   Passive
On Domain Off Domain On Domain Off Domain
Login window Users receive a login window when launching CCH Axcess. Yes* No No Yes* See note below Yes**
Password complexity

Passwords must be at least 8 characters and no more than 32 characters, contain an uppercase letter, a lowercase letter, a number, and a special character.

Yes No No No No No
Password expiration You must reset your password at a maximum of every 30 to 90 days. Yes No No No No No
Session timeout due to inactivity You are prompted to log back in at a maximum of 30 inactive minutes. Yes No Yes Yes Yes Yes
24 hour re-authentication You are prompted to re-authenticate your credentials after 24 hours, regardless of activity. Yes No Automatic Yes Automatic Yes
Bot detection You must enter CAPTCHA text with each log in. Yes No No Yes No No
2-Step Verification You are required to enter a code to authenticate your identity on an initial login, and then reauthenticate at set intervals. Yes No No No No No

* Login window is maintained by CCH Axcess.

** Login window is maintained by Microsoft® Windows®.

Note: For Federation Services Passive mode users that are on domain, the display of a login window depends on the firm's Federation Services settings. For this log in method, firms can require users to provide their network credentials to log in.