Sign Up

Auth Settings

Configure authentication methods and multi-factor authentication for your GolfCartOps account.

GolfCartOps offers flexible authentication settings so you can balance security with convenience for your team.

Authentication Methods

Your staff can sign in using any combination of these methods:

  • Email and password -- The standard method. Staff create an account with their email and choose a password.
  • Google sign-in -- One-click login for teams using Google Workspace. See the Single Sign-On page for details.
  • Magic links -- Passwordless email login, primarily used for the customer portal.

All methods can be active simultaneously. Staff members choose whichever they prefer.

Multi-Factor Authentication (MFA)

For added security, GolfCartOps supports time-based one-time passwords (TOTP) as a second factor. This works with authenticator apps like Google Authenticator, Authy, or 1Password.

Enabling MFA

Individual staff members can enable MFA from their profile settings:

  1. Click on your avatar in the sidebar and go to Profile Settings
  2. Find the Multi-Factor Authentication section
  3. Click Enable MFA
  4. Scan the QR code with your authenticator app
  5. Enter the six-digit code to confirm setup

Once enabled, the staff member will be prompted for their authenticator code each time they sign in.

MFA Recommendations

  • Owners and admins should always enable MFA -- these accounts have the most access
  • Staff handling payments should enable MFA to protect financial operations
  • Drivers can skip MFA since their access is limited to delivery routes

Email Verification

By default, new staff members must verify their email address before they can sign in. This prevents unauthorized access from mistyped invitation emails. The verification email is sent automatically when they first create their account.

Password Requirements

Staff passwords must meet these minimum requirements:

  • At least 8 characters long
  • Contains a mix of uppercase and lowercase letters
  • Includes at least one number

Staff members can reset their password at any time from the sign-in page by clicking "Forgot password." A reset link is sent to their email address.

Session Management

GolfCartOps sessions last for one hour by default. After that, users are asked to re-authenticate. This prevents unauthorized access from unattended computers or shared devices at your rental shop.

Sessions are automatically refreshed while a staff member is actively using the platform, so they will not be interrupted during normal work.

Tips

  • Require MFA for anyone with admin access -- it is the single most effective security measure
  • Use the Activity Log to monitor sign-in events and spot unusual access patterns
  • If a staff member reports a compromised account, change their password immediately and review recent activity
  • For shared front-desk computers, remind staff to sign out at the end of their shift