Frequently asked questions

Create an account via the sign-up process of one of the supported IRIS Cloud products. If someone else in your organisation has already signed up on your company’s behalf, you may receive an invite from them. Once you’ve created an account with one product, when you sign-up for another supporting product, it will recognise that you already have an account.

It is likely your account was migrated from another IRIS Cloud product. As we move our products over to IRIS Identity, we will migrate accounts where it is safe and practical to do so.

IRIS Identity only needs your name, email address, and a password, with an optional password recovery question and answer. See the IRIS Privacy Policy for details on how we manage your information.

You can change your name and password via the Account Management screen of one of the supported IRIS Cloud products. Changing your email address may be possible as long as your new email address is not already in use in another account. Refer to the specific product Help Centre for more information.

To protect our customers’ details, accounts become locked if a password is entered incorrectly several times in a row. There are additional factors that can lead to a lock, such as unsuccessful login attempts from suspicious devices or IP addresses. Accounts automatically unlock after 30 minutes, but you can manually unlock your account immediately by clicking on the link in your email and entering the correct password.

If you receive an email telling you your account is locked and you haven’t been trying to log in, it's possible that someone else is attempting to gain access to your account by guessing your password. Report this as suspicious activity immediately using the link in the email.

While IRIS does not currently offer social sign-in via IRIS Identity, this functionality is under constant review. If this is something you would like to see, discuss this with your IRIS account manager.

Yes, we do. If you want to federate your directory with us so your employees can log in to IRIS using their corporate account, contact your IRIS account manager.

Select the Need Help Signing In? link under the sign in box and then select Forgot Password?. Enter your email address in the box and select Reset via Email. You'll receive an email with a link. Select the link and then enter a new password.

Not all IRIS products use IRIS Identity at the moment but we're gradually rolling it out across our product portfolio. Speak to your IRIS account manager to discuss when it will be available in your product.

For your security, our password policy requires a minimum password strength. It’s possible that your favourite password is not secure enough to meet the minimum requirements. The policy is described on the password creation screen. Note that IRIS may periodically change the policy following guidance from our security specialists.

You can set a preferred picture when you activate your account. This gives you extra assurance when you’re logging in that you’re attempting to access the correct account. If you see an unfamiliar picture or the picture does not appear, you might have entered the wrong email address. If the account was created on your behalf, this option is not available.

You should always log-in via one of our supporting products. You will be redirected to IRIS Identity and then redirected back to the application after successfully logging in. If you’ve bookmarked or directly navigated to identity.iris.co.uk, you can still log in, but the system will not know which application to send you to, so you will be directed to the IRIS home page instead.

It's possible that someone has managed to maliciously gain access to your account. IRIS always sends verification emails whenever key account information changes. These emails contain a link that allows you to report suspicious activity direct to IRIS. Select the link to submit a report. You should attempt to log in to your account and change your password as soon as possible. Contact IRIS Support if you're unable to log in.

IRIS works with Okta, a market-leading Identity Management specialist, to securely manage your details. See the Okta compliance status.

IRIS employs a wide range of tools to help protect your account, including password policies, multi-factor authentication, and the use of machine learning to detect unusual behaviour during log in. We also co-ordinate with industry specialists to maintain a blacklist of suspicious IP addresses. Users still need to be vigilant and protect their credentials. Be mindful of phishing attacks, malware, and other attempts to circumvent our protections. We will email you as soon as we detect anything unusual and whenever anyone attempts to change your email address or password. You should inform us immediately if you believe your account has been compromised.

Yes. You can do this via the account management screen on one of our supporting applications.

By default, IRIS allow users to enable MFA at their own discretion. But some of the sensitive user roles within our products will require the enforcement of MFA. If you are in one of these roles, you’ll be prompted to enable at least one factor the first time you attempt to log in. It’s a good idea to set two factors, so you have a backup in case you’re unable to access your primary factor.

IRIS supports authenticator apps such as Google Authenticator and Okta Verify, email verification and secure hardware keys such as Yubikey. We are constantly reviewing the factors we support, so if there is something you think we should include, contact your IRIS account manager to discuss it.

SMS text messaging is generally considered an insecure means of enforcing additional factors on user accounts. Following guidance from security specialists, IRIS has made the decision not to implement it on the IRIS Identity platform.

Yes, you can do this via the Account Management screen in a supported product. You can de-enroll from factors and include additional factors as many times as you want. However, if your role mandates that MFA is required for you to log in to one of our products, make sure you always have at least one enabled.

Make a request via IRIS Support to have your MFA factors reset.