User Security

Table of Contents

The Security section of a User Record governs what features and fields a user is able to access and edit within PCRecruiter.

To access User Securities in the database:

  1. Select Settings from the main menu.
  2. Select Users
  3. Choose Manage Users
  4. Here you will see a list of all usernames in the database, select the user for which you wish to access security settings. This will open a new browser tab.
  5. Choose the Security block from the icons on the left.

For each option you will be presented with a dropdown of choices varying by section:

  • Full Permission : Unrestricted access to the section
  • No Permission :  No access to the section
  • Add, Save, Delete : The ability to add new, modify, and remove records
  • Add, Save : Cannot Delete records but may add and modify them
  • Add Only : Cannot Delete or Modify records but may add them
  • Read Only : Can view records but may not Add, Modify, or Delete them

System Administrator #

  • Full Permission: Disregards security settings (not including the ‘Other’ section) below and gives the User unrestricted access to PCRecruiter. Use this option to give full Admin rights to a user.
  • No Permission: This setting restricts User access by blocking the User Name and Data Location areas of PCRecruiter.
  • Limited Admin: This setting allows access to the Data Location section of PCRecruiter and restricts access to the User Name section.
  • User Records and Locations: This setting is best used for Web Masters/API Developers as it gives access to the Data Location and User Records.
  • Data Locations Only: This setting is best used for Web Masters/API Developers as it gives access to the Data Location area.

Companies #

  • Records: This refers to all Company Records as a whole.
  • Notes: This refers to the Notes tab found in all Company Records.
  • Activities: This refers to the Activity tab found in all Company Records.
  • Attachments: This refers to the Attachment tab found in all Company Records.
  • Change Company: This refers to the ability to move a name record from one company to another when they have started a job with a new company in your database.
  • Customize Layout (Coming Soon!): Refers to the ability to customize the fields displayed on a company record.
  • Customize Card (Legacy Feature): Refers to the cards displayed when viewing name records in the Pipeline.

Positions #

  • Records: This refers to all Position Records as a whole.
  • Details: This refers to the Details tab of all Position Records.
  • Activities: This refers to the Activity tab found in all Position Records.
  • Attachments: This refers to the Attachment tab found in all Position Records.
  • Customize Layout (Coming Soon!): Refers to the ability to customize the fields displayed on a company record.
  • Customize Card (Legacy Feature): Refers to the cards displayed when viewing name records in the Pipeline.

Names #

  • Records: This refers to all Name Records.
  • Notes: This refers to the Notes tab found in all Name Records.
  • Activities: This refers to the Activity tab found in all Name Records.
  • Attachments: This refers to the Attachment tab found in all Name Records.
  • Resume : This refers to the Resume tab found in all Name Records.
  • Customize Layout (Coming Soon!): Refers to the ability to customize the fields displayed on a company record.
  • Customize Card (Legacy Feature): Refers to the cards displayed when viewing name records in the Pipeline.

Reports #

  • Company Reports: Ability to run Company Detail and Company Summary Reports.
  • Name Reports: Ability to run Name Detail, Name Summary, and Resume Feedback Reports.
  • Position Reports: Ability to run Position Summary, Position Detail, Open, Filled, Time to Fill, Actively Recruiting, On Hold, and All Available/Open Reports.
  • Pipeline Reports: Ability to run Applicant Tracking, Candidate Timeline, Active Candidate Pipeline, Company Interview, Rollup Consolidation Detail, and Rollup Consolidation Summary Reports.
  • Placement Reports: Ability to run Permanent Hire Summary, Permanent Hire Source, Cost Per Hire Detail, Cost Per Hire Summary, Commission, and Hire Expense Reports.
  • Auditing Reports: (These reports include the option of ‘Current User’, this option will allow a user to pull an Auditing Report for their own username) Ability to run Transaction(legacy report), User Activity, Field Distributions, Activity Types Distribution, Posting, Metrics, and External Posting Referrer Reports.
  • EEO Reports: Ability to run Names Missing EEO Data, EEO Place, Employer Information (Applicant), Employer Information (Employee), EEO Source, EEO Data, Applicant Flow, and Internet Applicant Search Activity Reports.
  • Contract/Temp Reports (Legacy report): Ability to run Expense, Timesheet Profit, Timesheet Summary, Invoice, Commission, Hour, and Place Reports.
  • Web Extension Analytics: Ability to run Traffic Sources, Applicant Locations, and Candidate Falloff Reports.
  • User Reports: Ability to run Summary User Security, Detailed User Security, Security Definition Key, Username Record, and Group Record Reports.
  • Custom SQL Reports: A user with SQL experience can create and run a custom SQL report in the database, this controls their ability to do so. Main Sequence Support can also assist with creating a custom SQL Report (Additional fees where appropriate).
  • Email Campaign Reports: Ability to run Campaign Overview and Campaign Results Reports.
  • Export Reports: Allows user to export reports to Excel or Google sheets.

Other #

  • Activity Search Security: This controls whether the User is able to search other User activities.
  • Commissions / Costs (Legacy Feature): This dictates whether a User may view and add Transactions to Company, Name and Position records.
  • Share Schedule: This governs whether this User’s schedule may be viewed by other Users.
  • Scheduling: This controls how a user may interact with the schedule.
  • Rollup Lists: This governs whether and how a User may use Rollups.
  • Interviews: This governs whether a User may add, save, or delete Interview (Pipeline) records. This security permission must be set to at least add/save to link name records to a position or move them through the Pipeline.
  • Keyword / System Tables(Currently Unavailable: This governs whether a User may access the Keyword section under the System Tab.
  • SQL Workbench: Ability for a User to access the SQL Workbench section under the System Tab.
  • Form Letters: This governs how a User may interact with Form Letters (email templates).
  • Custom Fields: This governs whether a user may access the custom fields columns in a search grid for Company, Name, or Position records. They will not be able to view any results for those records if any non-predefined field columns are present in their layout. Note: This security is not related to creating Custom Fields under System. Only System Administrators have access to System > Custom Fields to create or delete custom fields.
  • Synchronization: Controls a user’s ability to synchronize records between PCR and Outlook via the Outlook Portal integration (Please contact support to assist with the setup for this integration).
  • Data Transfer (Currently Unavailable): This allows users to access the Import and Export option within Rollup Lists.
  • EEO Data (Currently Unavailable): This governs whether a User is able to see Gender, Race, and Source on Name records.
  • Write Incoming Email Activities: This governs whether a User may access the Write Activity options if using PCRMail.
  • Allow Record Merging (Currently Unavailable): This governs whether a User may merge duplicate Company or Name records.
  • Timesheets (Currently Unavailable)
  • Planner (Legacy Feature)
  • HRNX Integration (Legacy Feature)
  • Automation Plans: Controls the users ability to create/manage automation plans.
  • Customize Placement Layout: Ability to customize Permanent and Contract/Temp Placement Layouts.
  • Create/Update ProfilesAllows users with non admin security the ability to create/update Profile (Forms/Questionnaires).
  • Presentations: Allows users the ability to send/edit presentations and create presentation templates.
  • Presentation Overall List: Allows users to view the master list of Presentations in System settings.
  • Change user name for company, name and position: Allows users the ability to switch the user name in the Record Owner field on a record.
  • Placements: Allows users to ability to view, edit, add, or delete placement records.
  • Analytics: Enables access to the Analytics feature on the main toolbar. Additional securities for analytics can be found HERE.
  • Allow Option for Private Email (Legacy Feature)
  • Sequencing: Allows users the ability to access various functions of the Simple and Advanced Sequencing feature. (Note: A user with a System Administrator setting of Full Permission automatically inherits rights of Full Permission regardless of Sequencing security.)
 No PermissionRead OnlyAdd/UpdateFull Permission
Access SequencingX
Execute Assigned TasksX
View Sequence Overview and TemplatesX
Activate a SequenceXX
Pause/Resume a SequenceXX
End a SequenceXX
Create and edit Sequence Templates and BranchesXX
Delete Sequence TemplatesXXX
Comparable MetricsXXX
Sequence ResultsXXX
  • Sequencing Tasks: Allows users the ability to access other users’ tasks.

Security Policy #

  • Account is Disabled: Use this to prohibit access to PCRecruiter.
  • Account is Locked Out: Once a user reaches the maximum number of login attempts their account becomes locked out, uncheck this box to unlock their account.
  • User Must Change Password at next Logon: Use this to force a password change for this User.
  • User Cannot Change Password: Use this to remove the ability to change a password on the MyPCR screen.
  • Password Expires: Enables the ability to set a password expiration timeframe.
  • Two Factor Authentication Setup: 2FA requires the user to have both their username and password, and access to an additional account or device to verify their identity.

2-Factor Authentication #

Two-Factor Authentication (otherwise known as 2FA) adds a second layer of security beyond the password for logging into PCRecruiter. It requires the user to have both their username and password and access to an additional account or device to verify their identity. This feature will affect login to the PCRecruiter Web, PCRecruiter Mobile, PCR for Google, and PCR for Outlook.

An Administrative user in PCR will have to activate 2FA for each username individually.

2FA Setup #

  1. Verify that your database has a working general SMTP account in the Outgoing Mail Settings.
  2. Open System in the Main Menu
  3. Open Users
  4. Select Manage Users
  5. Select a Username
  6. Click the Security option.
  7. Open the Security Policy section, if it isn’t already expanded.
  8. Click Two Factor Authentication Setup
  9. Check Enable
  10. Check any or all of the different methods you would like to allow that user to use for receiving authentication codes (described below).
  11. Save

The next time that user attempts to log in, they will be prompted with the 2FA Login.

Functionality #

  • Upon entering the correct Username and Password combination the user will be prompted to select from the available Authentication Methods
  • A numerical Authentication Code will be sent to their email or app as selected.
  • After entering the Code they will be allowed to log in to PCRecruiter

Methods of Receiving Authentication Codes #

Email #

Using this method, PCRecruiter will send an email containing a 7-digit numeric code to the Email Address stored in the User Record.  (System > Users > Manage Users > Username > Information > Contact Information > Email Address)  The user will have five minutes in which to enter the code in order to complete the login process. The email address is used as the alternate authentication method if the other options have been turned on but not connected.

Push Notifications #

Using this method, PCRecruiter will send a code via Push Notification to the PCRecruiter mobile app. The user must have successfully logged into the PCRecruiter App at least once for this method to work. The app does not need to be open to receive the code, but the app’s notifications must be enabled. If the app’s cache has been cleared or the app has been uninstalled and reinstalled, the user must log in again before 2FA will work.

Authenticator App #

Using this method, PCRecruiter will prompt for a numeric code generated by an associated Authenticator App or browser extension, such as Google Authenticator.

To establish the initial connection with an app:

  1. Click the Configuration Gear icon at the far right of the Main Menu frame in PCRecruiter.
  2. Click Add to Authenticator
  3. Use the Add option in the authenticator app of your choice to take a picture of the QR code presented on the screen.

A “Reset” button is available on the 2FA Setup screen. This button will clear the connection to the Authenticator app in the event that the user has lost their device or wants to re-connect the Authenticator from scratch.

Once configured, a PCRecruiter authentication code will be visible in the authenticator app. This code can be entered into the form to complete the 2FA login.