While certainly not encouraged, it is possible for one user's account to be shared by multiple individuals. This is a risky approach to utilising the platform and is not recommended.
Users considering this approach should be aware of the following security risks.
Where multiple users share an account:
- It is impossible to setup up Two Factor Authentication (2FA) which is something we highly recommend for all users as it adds another level of protection to the sensitive documents that are stored on the system. Some law firms will not even share their matters unless the user they are sharing with also has 2FA turned on.
- It is impossible to do an audit on the system, for example who created matters, who uploaded or removed documents, who shared matters, etc..
- Any annotations or chronologies made will not be assigned to an individual user and so there is no way to know who made them.
- When a user leaves the firm the generic password (bad practice) will be exposed and need to be updated by all users.
- User accounts which have been disabled will not be able to login and receive briefs unless they are enabled again.