> For the complete documentation index, see [llms.txt](https://asus-isg-aidc.gitbook.io/guide/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://asus-isg-aidc.gitbook.io/guide/v1.3.0/guide/accountmanagement.md). # Account Management | Developer | Last modified | | --------- | ------------- | | AIDC Team | 2026/01/26 | *** ## 1. Feature Overview The Account Management feature allows you to manage all user accounts in the system. Through this feature, you can add, edit, delete user accounts, and configure their permissions and security options. *** ## 2. Page Layout Description ### Main Screen Structure ![Account Management Layout](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/layout.png) * **Title Bar**: The "+ Add" button in the upper right corner creates a new account * **Search Bar**: Enter keywords to search for usernames or emails * **Account List**: Displays grouped by role, click ▼ to expand or collapse groups * **Options Panel**: Located on the right side of the page, allows you to configure display fields and data grouping ### Options Panel There is an Options panel on the right side of the page, providing two configuration features: ![Options](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/options.png) #### Fields This area controls which fields are displayed in the list: **Configurable Fields**: * Username * Email * Active * MFA * Verify Date **How to Use**: * Checked fields will be displayed in the list * Unchecked fields will be hidden * You can show or hide specific fields as needed to make the list more concise or detailed #### Row Groupings This area shows the fields currently used for grouping: **Default Grouping**: * The system defaults to grouping by "Role Name" * This is why the list displays accounts grouped by role **Adjusting Grouping**: * To remove grouping, click the "×" button next to the grouping field * After removing grouping, all accounts will display as a single list, no longer divided into different groups * You can also drag other fields from the field list above to create different grouping methods *** ## 3. Account List Field Descriptions Each account in the list displays the following information: \| Field Name | Description | Display Example | |-----------|---------------| | **Username** | User's login name, cannot be modified after creation | admin, john, mary | | **Email** | User's email address | | | **Active** | Account activation status | Green "Enable" = Activated\ Gray "Disable" = Deactivated | | **MFA** | Multi-factor authentication status | Green "Enable" = Enabled\ Gray "Disable" = Disabled | | **Verify Date** | Last MFA verification date | 2024-03-15\ Displays "-" if MFA not enabled | ### Role Description Roles in the system are defined by administrators in the "Role Permissions Management" feature. Each role has different permission settings. When adding or editing an account, you can select from available roles in the dropdown menu. ### Status Description Accounts may have the following status combinations: \| Active Status | MFA Status | Description | Recommended Use | |-----------|---------------|-----------------| | Enable | Enable | Account is active and has MFA protection | Recommended for administrator accounts | | Enable | Disable | Account is active but without MFA protection | Suitable for general users | | Disable | Disable | Account is deactivated, cannot log in | Departed employees or temporarily unused accounts | *** ## 4. Add Account ![Create Account](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/create-account.png) ### Operation Steps **Step 1: Open Add Form** 1. Click the "+ Add" button in the upper right corner of the page 2. A "Create Account" form window will appear **Step 2: Fill in Basic Information** The form contains the following fields to fill in: \| Field Name | Required | Description | Example | |-----------|---------------|---------| | Username | Required | English or numbers, cannot be modified after creation | john\_doe, user123 | | Password | Required | Must meet password requirements (see below) | MyPass123! | | Confirm Password | Required | Must match the password field | MyPass123! | | Email | Required | Valid email format | | | Role | Required | Select from dropdown menu (currently only Admin is available) | Admin | **Password Requirements:** * At least 8 characters in length * Must contain uppercase letters (A-Z) * Must contain lowercase letters (a-z) * Must contain numbers (0-9) * Must contain special characters (such as !@#$%^&\*) 💡 **Tip:** Click the eye icon next to the password field to show or hide the password content, making it easier to verify your input. **Step 3: Set Account Status** * By default, the "Active Status" toggle for new accounts will be on * If you want to create an account but not activate it immediately, you can turn off this toggle * Newly created accounts do not have MFA enabled by default **Step 4: Complete Creation** 1. Confirm all data has been filled in correctly 2. Click the "Create" button 3. The system will validate the data and create the account 4. A success message will be displayed after successful creation 5. The new account will appear in the list **Cancel Operation:** * If you don't want to create, click the "Cancel" button * Entered data will not be saved *** ## 5. Edit Account ![Edit Account](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/edit-account.png) ### Operation Steps **Step 1: Select Account to Edit** 1. Find the account to edit in the account list 2. Click anywhere on that account 3. An "Edit Account" form window will appear 4. The window will display the account's current data **Step 2: Modify Data** In the edit form, you can modify the following items: \| Field Name | Modifiable | Description | |-----------|---------------| | Username | ❌ Cannot modify | This field is grayed out and cannot be changed | | Password | ✅ Modifiable | Enter a new password to change | | Confirm Password | ✅ Modifiable | Must match the new password | | Email | ✅ Modifiable | Can update to a new email address | | Role | ✅ Modifiable | Select role from dropdown menu (currently only ADMIN) | | Active Status | ✅ Modifiable | Toggle switch to enable or disable the account | | Multi-Factor Authentication | ✅ Modifiable | Toggle switch to enable or disable MFA | **Step 3: Save Changes** 1. After modifications are complete, click the "Update" button 2. The system will save your changes 3. After the window closes, the list will automatically update **Cancel Editing:** * Click the "Cancel" button to close the window * Your changes will not be saved 💡 **Tip:** When an employee leaves, it's recommended to deactivate the account rather than delete it. This preserves historical data and allows for future reference if needed. *** ## 6. Delete Account ![Delete Account](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/delete-account.png) ### Operation Steps **Step 1: Open Delete Function** 1. Click the account to delete and open the edit window 2. Find the "Delete" button at the bottom of the edit window 3. Click the "Delete" button **Step 2: Confirm Deletion** 1. A confirmation dialog will appear 2. The dialog displays: "Are you sure you want to delete this account?" 3. Carefully confirm whether you really want to delete **Step 3: Execute Deletion** * Click "Delete" to confirm execution * The account will be completely removed from the system * The list will automatically update **Cancel Deletion:** * Click the "Cancel" button * The account will not be deleted ### ⚠️ Important Reminders | Notice | Description | | -------------------- | -------------------------------------------------------------------------- | | Cannot Undo | Once deleted, it cannot be restored, account data will be permanently lost | | Cannot Log In | The user will immediately be unable to log into the system | | Historical Data | Historical data related to the account may be affected | | Recommended Practice | It's recommended to use the "Deactivate" feature rather than delete | ### Delete vs Deactivate \| Comparison | Delete | Deactivate | |-----------|---------------| | Can Log In | No | No | | Data Preserved | No, completely removed | Yes, fully preserved | | Can Restore | No | Yes, can reactivate anytime | | Historical Records | May be lost | Fully preserved | | Recommended Use | Test accounts, incorrectly created accounts | Departed employees, temporarily unused accounts | *** ## 7. Multi-Factor Authentication (MFA) Setup ### What is MFA? Multi-Factor Authentication (MFA) is an additional security protection mechanism. After enabling MFA, logging in requires not only entering a password but also a 6-digit verification code generated by a mobile application. **Why is MFA Needed?** * Even if the password is stolen, the account cannot be accessed without the phone * Significantly enhances account security * Protects important data from unauthorized access **Recommended for:** * ✅ Accounts with high privileges (strongly recommended) * ✅ Important accounts (recommended) * ⚪ General accounts (as needed) ### Enable MFA **Step 1: Open MFA Setup** 1. Open the edit window for the account to configure 2. Find the "Multi-Factor Authentication" toggle 3. Switch the toggle to enable (push right) 4. An "MFA Setup" window will appear ![Activate MFA](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/activate-mfa.png) **Step 2: Prepare Authentication Application** You need to install an authentication application on your phone (choose one): * Google Authenticator * Microsoft Authenticator * Authy * Other TOTP-supported authentication applications 💡 **Tip:** If you don't have an authentication application on your phone yet, first download and install one from the App Store or Google Play. **Step 3: Scan QR Code** 1. The MFA setup window will display a QR Code image 2. Open the authentication application on your phone 3. Select "Scan QR Code" or "Add Account" function 4. Use your phone's camera to scan the QR Code on the screen 5. The authentication application will automatically add this account 6. The application will start displaying a 6-digit verification code ![Scan QRcode](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/scan-qrcode.png) **Step 4: Enter Verification Code** 1. Check the 6-digit verification code displayed on your phone's authentication application 2. Enter these 6 digits in the input box of the MFA setup window 3. Note that the verification code updates every 30 seconds 4. The window will display the remaining verification time (60-second countdown) at the bottom ![Verification Code](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/verification-code.png) **Step 5: Complete Verification** 1. After entering the verification code, click the "Submit" button 2. The system will verify if the verification code you entered is correct 3. A "Verification Successful" message will be displayed on success 4. MFA setup is complete, the window will close automatically 5. In the account list, the account's MFA field will display green "Enable" 6. The Verify Date field will display the verification date ![MFA Enable](https://pub-f334ff01208c4e6195b80133ac6e6030.r2.dev/portal/accountManagement/mfa-enable.png) ### Verification Failure Handling | Failure Reason | Solution | | --------------------------- | --------------------------------------------------------- | | Verification code expired | Wait for a new verification code to generate and re-enter | | Input error | Carefully check the 6 digits and re-enter | | Exceeded verification time | Close the window and reopen MFA setup | | Phone time not synchronized | Confirm phone time is set to "automatic" | ### Disable MFA **Step 1: Open Edit Window** 1. Click the account to disable MFA 2. Open the edit window **Step 2: Turn Off MFA** 1. Find the "Multi-Factor Authentication" toggle 2. Switch the toggle to disable (push left) 3. Click "Update" to save **Step 3: Confirm Deactivation** * MFA will be immediately disabled * The account will no longer require verification code entry when logging in * In the account list, the MFA field will display gray "Disable" * The Verify Date field will be cleared and display "-" ### MFA Precautions | Precaution | Description | | -------------------- | ------------------------------------------------------------------------------------ | | Phone Safekeeping | Safely keep the phone bound to MFA | | Lost Phone | If phone is lost, immediately contact administrator to help disable MFA | | Phone Replacement | Disable MFA before replacing phone, then reconfigure after phone change | | Backup Solution | Some authentication applications support backup features, it's recommended to enable | | Time Synchronization | Ensure phone time is set to automatic to avoid verification code errors | *** ## 8. Search Account ### Operation Steps **Step 1: Enter Search Keywords** 1. Find the search box at the top of the page 2. Click the search box 3. Enter the content you want to search for **Step 2: View Search Results** * After entering, the list will immediately display matching accounts * Search criteria will be displayed as tags below the search box * Accounts that don't match the criteria will be hidden **Step 3: Clear Search** * Click the ✕ icon next to the search criteria tag * The list will restore to show all accounts ### Search Function Description \| Searchable Content | Description | Example | |-----------|---------------| | Username | Enter full or partial username | Entering "john" can find "john", "john\_doe" | | Email | Enter full or partial email address | Entering "@company" can find all accounts with that domain | | Mixed Search | Matches username or email simultaneously | Entering "admin" can find usernames or emails containing "admin" | *** ## 9. Account List Management * Click the ▼ icon to expand or collapse role groups * Group headers display role name and account count * Click an account to open the edit window to view detailed information * List is grouped by role, within the same role sorted alphabetically by username *** ## 10. Frequently Asked Questions **Q1: How to add a user account?** A: Follow these steps: 1. Click the "+ Add" button in the upper right corner 2. Fill in username, password, email 3. Select role 4. Click "Create" to complete **Q2: How to deactivate an account?** A: 1. Click the account to open the edit window 2. Turn off the "Active Status" toggle 3. Click "Update" to save 4. The account cannot log in, but data is still retained in the system **Q3: Can I modify the username after creating an account?** A: No. Username cannot be modified after creation. If you need to change it, you can only delete the old account and create a new one. Therefore, it's recommended to set the correct username when creating. **Q4: What is MFA? Why use it?** A: MFA (Multi-Factor Authentication) is an additional security protection: In addition to a password, you also need a phone verification code to log in. Even if the password is stolen, you cannot log in without the phone. It's recommended to enable MFA for important accounts. **Q5: How to set up MFA for an account?** A: Open account edit window → Enable "Multi-Factor Authentication" → Scan QR Code → Enter verification code → Click "Submit". For detailed steps, please refer to Chapter 7. **Q6: What if I forget my password?** A: If you have permission, you can reset passwords for other users; if it's your own account, you need to contact authorized management personnel for assistance in resetting. **Q7: MFA verification code keeps showing errors?** A: Please check if the verification code has expired (updates every 30 seconds), if the phone time is set to automatic, and if the 6 digits entered are correct. **Q8: What's the difference between delete and deactivate?** A: Delete completely removes the account and cannot be undone; deactivate keeps the account but prevents login, and can be reactivated at any time. It's recommended to deactivate first, and delete only after confirming it's no longer needed. **Q9: What if I lose my phone? Can MFA still be used?** A: Please immediately contact authorized management personnel to help disable MFA. After retrieving your phone, you can set up MFA again. *** ## 11. Important Reminders ### Account Security Recommendations * Use strong passwords and change them regularly, do not share with others * Enable MFA for important accounts, safely keep the bound phone * Regularly check the account list, promptly deactivate accounts of departed employees * Follow the principle of least privilege, only grant users the minimum permissions needed to complete their work * Promptly adjust role permissions when employees change positions ### Departed Employee Processing Procedure 1. Immediately deactivate the account on the day of departure 2. Retain for 3-6 months for historical data queries 3. Delete only after confirming it's no longer needed *** ## 12. Quick Reference Table ### Field Legend | Symbol/Color | Meaning | | ------------ | ------------------------------------ | | Green Enable | Feature is enabled | | Gray Disable | Feature is disabled | | ▼ | Group is expanded, click to collapse | | ▶ | Group is collapsed, click to expand | | - | No data or not applicable | ### Password Requirements Reminder ``` ✓ At least 8 characters ✓ Contains uppercase letters (A-Z) ✓ Contains lowercase letters (a-z) ✓ Contains numbers (0-9) ✓ Contains special characters (!@#$%^&*) Example: MyPassword123! ``` ### Emergency Handling Procedures | Emergency Situation | Immediate Action | | ---------------------- | ------------------------------------------------------- | | Employee Departure | Immediately deactivate account | | Password Leaked | Immediately reset password, recommend enabling MFA | | Abnormal Account Login | Immediately deactivate account, contact user to confirm | | Lost Phone (MFA bound) | Immediately disable MFA | | Incorrect Permissions | Immediately adjust to correct role | *** --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://asus-isg-aidc.gitbook.io/guide/v1.3.0/guide/accountmanagement.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.