Account Security | Identity Verification Guidelines

Why Secure Your Account with MFA?

We are a professional hub managing sensitive California Workers' Compensation case data and EAMS legal filings, and protecting user identity is our top operational priority.

By activating Multi-Factor Authentication (MFA), you add a second layer of validation, ensuring that stolen passwords alone are never enough to compromise your legal practice.

1. EMAIL ONE-TIME PASSWORDS (OTP)

For immediate out-of-the-box protection, our Email OTP configuration leverages your business email infrastructure to validate logins seamlessly:

  • Dynamic Single-Use Token Delivery: Generates a highly randomized, single-use authentication code delivered directly to your verified professional inbox.
  • Anti-Brute-Force Hardening: Requires an exact match on every character and expires tokens on an aggressive timeout to shut down dictionary and automated guessing attacks.
  • Zero Footprint Configuration: Requires no external hardware or application downloads, making it a clean, accessible security standard for your entire legal and administrative staff.

2. REAL-TIME PUSH NOTIFICATIONS

For legal teams seeking elite, frictionless validation, our real-time Push Notification system offers state-of-the-art cryptographic safety:

  • Hardware-Bound Device Signatures: Provisions a distinct asymmetric key pair (ECDSA P-256) tied uniquely to your specific browser environment and verified mobile device context.
  • Zero-Trust Private Key Isolation: Stores your private keys as non-extractable keys in the browser's IndexedDB, so the raw key material cannot be exported, even by a malicious script injected through an XSS vulnerability.
  • Asymmetric Handshakes: Every approval request signs a single-use transaction payload that contains your SessionID before it is sent across the wire.
  • One-Tap Verification: Eliminates the manual copying of codes. Simply review the contextual session parameters displayed on your device screen and click to authorize access securely.
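
The enrollment and approval steps listed above, as an added example built on the standard Web Crypto API (it is not this service's own code). The function names, the JSON payload layout, the nonce field and the sample session IDs are assumptions made for illustration.

```javascript
// Added example: device-bound approval signature with a non-extractable key.
// Runs in a browser or in Node.js; every name below is hypothetical.
async function getSubtle() {
  if (globalThis.crypto && globalThis.crypto.subtle) return globalThis.crypto.subtle;
  return (await import('node:crypto')).webcrypto.subtle; // older Node.js releases
}

const ECDSA = { name: 'ECDSA', namedCurve: 'P-256' };
const SIG = { name: 'ECDSA', hash: 'SHA-256' };

// Enrollment: extractable=false makes exportKey() on the private key fail.
// In a browser the CryptoKey object itself can be stored in IndexedDB.
async function enrollDevice() {
  const subtle = await getSubtle();
  const pair = await subtle.generateKey(ECDSA, false, ['sign', 'verify']);
  const publicJwk = await subtle.exportKey('jwk', pair.publicKey); // sent to server
  return { privateKey: pair.privateKey, publicJwk };
}

// Assumed payload: the session id plus a server-issued single-use nonce.
function encodeChallenge(sessionId, nonce) {
  return new TextEncoder().encode(JSON.stringify({ sessionId, nonce }));
}

async function signApproval(privateKey, sessionId, nonce) {
  const subtle = await getSubtle();
  return subtle.sign(SIG, privateKey, encodeChallenge(sessionId, nonce));
}

// Server side: verify against the enrolled public key and the values it issued.
async function verifyApproval(publicJwk, sessionId, nonce, signature) {
  const subtle = await getSubtle();
  const key = await subtle.importKey('jwk', publicJwk, ECDSA, false, ['verify']);
  return subtle.verify(SIG, key, signature, encodeChallenge(sessionId, nonce));
}

async function demo() {
  const subtle = await getSubtle();
  const device = await enrollDevice();
  const sig = await signApproval(device.privateKey, 'sess-constructed-01', 'nonce-A');
  const exportRefused = await subtle.exportKey('pkcs8', device.privateKey)
    .then(() => false, () => true);
  return {
    valid: await verifyApproval(device.publicJwk, 'sess-constructed-01', 'nonce-A', sig),
    otherSession: await verifyApproval(device.publicJwk, 'sess-constructed-02', 'nonce-A', sig),
    exportRefused,
    extractable: device.privateKey.extractable,
  };
}
```

A signature made for one session does not verify for another, and the server must still discard each nonce after first use so that an approval cannot be replayed.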

3. MANDATORY PASSWORD COMPLIANCE GUIDELINES

To remain aligned with industry-standard data preservation models and ensure perimeter defense, our authentication engine enforces the following strict checks on user accounts:

  • Periodic 60-Day Lifecycle Rotation: Our system prompts users to change their master credentials every sixty (60) days. This limits the exposure window of older credentials.
  • Complexity Pattern Constraints: To defeat generic dictionary-based cracking, every updated or newly provisioned password must contain all of the following:
    • At least one uppercase letter (A-Z)
    • At least one lowercase letter (a-z)
    • At least one numeric digit (0-9)
    • At least one special character (e.g., !, @, #, $, %, ^, &, *)
  • Zero-Exception Sanitization: Passwords that fail any of these composition rules are rejected at the edge interface level, and the user is immediately prompted to enter a compliant password.

OUR COMMITMENT TO YOUR FIRM'S PRIVACY

We integrate enterprise security architectures to keep compliance simple.
  • HIPAA & DWC Regulatory Guardrails: Ensuring full security alignment for firm personnel, insurance adjusters, medical providers, and legal practitioners connecting directly with state infrastructure.
  • Protection from Credential Stuffing: Even if an employee's custom login password is stolen in an external software breach, unauthorized sessions are blocked at the perimeter by the mandatory second-factor handshake.

Have questions about setting up MFA or configuring your system preferences? Please contact our security operations team at [email protected].