@@ -64,6 +64,50 @@ The :guilabel:`Portal` user option does **not** allow the administrator to choos
6464These users have specific access rights pre-set (such as, record rules and restricted menus), and
6565usually do not belong to the usual Odoo groups.
6666
67+ User devices
68+ ============
69+
70+ For security purposes, when a user logs into the database, the various login information, such as
71+ the IP address, is stored in the user's profile. It is best practice to check this periodically, to
72+ ensure all access is from the user, and no one else has accessed the database.
73+
74+ To check the logged-in devices, click the user icon in the upper-right corner, and click
75+ :guilabel: `My Profile `. This opens the user's profile in the **Settings ** app. Click the
76+ :guilabel: `Devices ` tab to view a Kanban list of all devices the user has logged into the database
77+ with. Any device currently logged into the system displays a green circle next to the device name on
78+ the Kanban card.
79+
80+ .. image :: users/devices.png
81+ :alt: The Kanban view of all user devices.
82+
83+ Click on a card to view the details for the device. Each card displays the :guilabel: `User ` name,
84+ the :guilabel: `Name ` of the device, the :guilabel: `Last IP Address ` used as well as the
85+ :guilabel: `Linked IP Address `. It also shows the :guilabel: `First Activity ` and :guilabel: `Last
86+ Activity `, which shows when the device first logged into the database, and the last time it was
87+ active on the database.
88+
89+ If a device is a legitimate device, and should be stored in the database, click :guilabel: `Save `. If
90+ the device should be removed from the list of devices, but is not a security threat (is a legitimate
91+ login), click :guilabel: `Delete `.
92+
93+ .. image :: users/individual-device.png
94+ :alt: The device details for one device.
95+
96+ Revoke devices
97+ --------------
98+
99+ If a listed device is **not ** a legitimate user device, and could be a potential security risk,
100+ remove the device and revoke access by clicking the :guilabel: `Revoke ` button.
101+
102+ A :guilabel: `Security Control ` pop-up window loads, asking to `Please confirm your identity by
103+ entering your password `. Enter the user's password, then click :guilabel: `Confirm Password `.
104+
105+ The device disappears from the :guilabel: `Devices ` tab and can no longer be used to log into the
106+ database.
107+
108+ .. image :: users/security.png
109+ :alt: The security pop-up window asking to verify the account with a password.
110+
67111.. _users/deactivate :
68112
69113Deactivate users
0 commit comments