Authentication & Security
Qoodo employs industry-standard security protocols to protect your business data.
Registration & Login
Users can join Qoodo by creating a new account or using social login.
Signup Fields
All fields are required to ensure account security and proper categorization.
📝 Registration Fields
| Field | Requirement | Logic |
|---|---|---|
| Full Name | 🔴 Mandatory | First and Last name for profile identification. |
| 🔴 Mandatory | Used for login and password recovery. | |
| Password | 🔴 Mandatory | Must be confirmed to prevent typos. |
| Phone Number | 🔴 Mandatory | Required for contact and verification. |
| Language | ⚙️ Auto | Automatically set based on your current location (English, Hungarian, or Spanish). |
| Usage Type | ⚙️ Auto | Automatically categorized as Company or Individual. |
Usage Types Explained
Qoodo adapts its interface based on how you intend to use the platform:
- Company: Optimized for businesses, restaurants, and professional organizations. This mode enables full HACCP logging, multi-site management, and team invitations.
- Individual: Designed for personal use or independent contractors. This mode focuses on private task management and individual compliance tracking.
🌐 Smart Defaults
Language and Usage Type are pre-selected to speed up your onboarding, but you can always adjust your preferences later in the Profile Settings.
Standard Login
- Email-First Flow: Users enter their email first to check for existing accounts.
- Password Verification: Secure password entry with visibility toggle.
- Forgot Password: Self-service password recovery via verified email.
Social Authentication
- Seamless Entry: Support for Google, Facebook, Apple, and Microsoft.
- Auto-Signup: If an account doesn't exist, Qoodo automatically creates one using your social profile.
- Profile Completion: A one-time setup screen collects any missing details (phone, language, usage type) required for your role.
Security Features
Login Protection (Brute Force Prevention)
To protect accounts from unauthorized access:
- Attempt Limit: After 5 failed login attempts, the account is temporarily blocked.
- Lockout Duration: The user must wait 1 hour before attempting to log in again.
- Notification: Users receive a warning when they are nearing the limit.
Session Management
- Persistent Login: Qoodo uses secure local storage to keep you logged in between sessions.
- Role Hierarchy & Invitations:
- Admin: The primary account holder. There is only 1 Admin per company. Only the Admin can Signup and Purchase Qoodo plans.
- Leader: Once invited by an Admin, a Leader has the authority to invite and manage other roles.
- Standard Roles: Site Manager, User, Guest, Attendee, and External.
- Management: Users are added to the platform via invitations sent from the Home -> Users section by an Admin or a Leader.