When an insured calls about not being able to sign in, the cause is almost always one of five things. Walk this list in order — the first three resolve about 90% of cases on the first call.
The five causes, in order of frequency
- They're using policy number + enrollment code when they should be using email/username + password (or vice versa).
- They have caps lock on, or autocorrect changed their password.
- The enrollment code expired (10 minutes by default).
- The account is locked from too many failed attempts (15 min cooldown).
- They're enrolling on the wrong portal (e.g., a previous carrier's branded portal, or our dev URL).
First diagnostic question
Always start here:
"Are you trying to set up the portal for the first time, or have you signed in before?"
This determines which path to walk:
- First time → enrollment flow. See Helping a Policyholder Enroll.
- Signed in before → continue below.
Returning user, can't sign in
Walk these checks in order.
Check 1 — They're on the right portal
Confirm the URL they're at, or the app icon they tapped. The web portal is portal.<yourcarrier>.com. The app shows your carrier's logo on the launch screen.
If they say it "looks different than last time," they may be on the wrong domain. Direct them to the correct URL.
Check 2 — Username is correct
The username is whichever email they enrolled with — usually the email on the policy at enrollment time. If the policy email has since changed, the old email is still their username unless they updated it in Profile > Contact.
Check 3 — Password reset
If they're not sure of their password:
- On the sign-in screen, ask them to tap Forgot password.
- Enter the email associated with the account.
- Within 60 seconds they get an email with a reset link. The link is valid for 60 minutes.
- They click the link, set a new password (10+ chars by default), and are signed in.
If the email doesn't arrive:
- Have them check spam / promotions. The reset email is from noreply@portal.yourcarrier.com.
- If you can confirm via BriteCore that the email on file is wrong, you can update it (per your carrier's policy) and re-trigger the reset.
- If they can't access that email account anymore (e.g., changed jobs and lost their work email), you'll need to update the email on file in BriteCore first, then trigger the reset.
Check 4 — Account locked
After 5 failed sign-in attempts (default), the account locks for 15 minutes. The error message is:
"We've temporarily locked this account for security. Please try again in 15 minutes, or reset your password."
To unlock immediately:
- In the admin console, open Users > Insureds.
- Search by email or policy number.
- Open the record. Status will show Locked.
- Click Unlock account.
- Ask the insured to try again. Encourage them to use Forgot password if they're not sure of their password — locking again isn't worth the friction.
Check 5 — MFA issues
If MFA is required by your carrier and the insured has lost their MFA device:
- Verify identity with at least two pieces of information (e.g., DOB + last 4 of policy number + amount of last payment).
- In the admin console, open the insured's record.
- Click Reset MFA.
- They'll be prompted to set up MFA again at next sign-in.
Resending an enrollment code
Enrollment codes (the 6-digit codes sent during initial sign-up) expire in 10 minutes by default. If a code expired:
- The insured taps "Send code again" on the verification screen — easiest path.
- If they're not on the verification screen anymore, they restart enrollment. Each fresh enrollment attempt sends a new code.
To manually resend a code from the admin side (when the email isn't reaching them):
- Open Users > Insureds.
- Find the pending enrollment (status: Pending verification).
- Click Resend code. Optional: change the channel from email to SMS.
- The code is regenerated and sent.
Resending a "welcome" / onboarding code
For insureds whose account you provisioned manually (see Helping a Policyholder Enroll) but who never finished setup:
- Open Users > Insureds.
- Find the record (status: Provisioned, not signed in).
- Click Resend onboarding email. A new sign-in link is sent.
The onboarding link is valid for 7 days.
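The defaults given above (5 failed attempts then a 15-minute lock, 10-minute enrollment codes, 60-minute reset links, 7-day onboarding links) can be checked against an insured's event timeline before you pick a fix. The Python below is an added example, not BriteCore code; the event names, the sample timeline and the counting rules (consecutive failures, counter reset on success or admin unlock, attempts during a lock ignored) are assumptions.

```python
from datetime import datetime, timedelta

# Defaults stated on this page; a carrier's configuration may differ.
MAX_FAILED, LOCKOUT = 5, timedelta(minutes=15)
LIFETIMES = {
    "enrollment_code": timedelta(minutes=10),
    "reset_link": timedelta(minutes=60),
    "onboarding_link": timedelta(days=7),
}

def locked_until(events, now):
    """Return when the lock ends, or None if the account is not locked at `now`.

    Assumed rules (not confirmed by the page): failures count consecutively,
    a success or admin unlock resets the counter, and attempts made during
    an active lock are ignored.
    """
    failures, lock_end = 0, None
    for ts, kind in sorted(events):
        if ts > now:
            break
        if kind == "admin_unlock" or (lock_end is not None and ts >= lock_end):
            failures, lock_end = 0, None   # unlocked by admin or cooldown elapsed
        if lock_end is not None:
            continue                       # attempt during an active lock
        if kind == "signin_ok":
            failures = 0
        elif kind == "signin_fail":
            failures += 1
            if failures >= MAX_FAILED:
                lock_end = ts + LOCKOUT
    return lock_end if lock_end is not None and now < lock_end else None

def expired_tokens(events, now):
    """Token kinds whose most recent issue has outlived its lifetime at `now`."""
    latest = {}
    for ts, kind in sorted(events):
        if kind in LIFETIMES and ts <= now:
            latest[kind] = ts
    return sorted(k for k, ts in latest.items() if now - ts > LIFETIMES[k])

# Constructed sample: reset link sent at 09:00, five failures from 10:10 to 10:14.
T0 = datetime(2024, 1, 8, 9, 0)
SAMPLE = [(T0, "reset_link")] + [
    (T0 + timedelta(minutes=70 + i), "signin_fail") for i in range(5)]

if __name__ == "__main__":
    now = T0 + timedelta(minutes=80)
    print("locked until:", locked_until(SAMPLE, now), "expired:", expired_tokens(SAMPLE, now))
```

In the sample the insured is both locked out and holding an expired reset link, so unlocking alone would not help: a fresh Forgot password email is also needed.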
Mobile-specific sign-in issues
"The app says I'm offline"
- Confirm Wi-Fi or cellular data is on.
- The app needs network for first sign-in. After sign-in, basic policy data is cached and visible offline.
- If the device has corporate VPN or a content filter, the API host (*.briteapps.space) may be blocked. Ask IT to allow it.
"Touch ID / Face ID isn't working"
- Biometric sign-in is off by default. The insured turns it on under Profile > Security > Biometric sign-in.
- It only works after a successful password sign-in on that device.
- After 7 days without use, the app falls back to password.
"I can't enable autopay in the app but it works in the web"
Some payment features are gated to web for compliance reasons depending on your processor. Check Settings > Features to confirm; if autopay is toggled off for mobile in your config, that's expected behavior.
When to escalate
Escalate to BriteCore Support if:
- An entire group of insureds can't sign in (suggests an outage, not a user issue).
- Sign-in succeeds but the dashboard is blank or shows an error (data sync issue).
- Audit log shows unexpected impersonation events.
- The portal returns a 5xx error on sign-in (server-side; not something you can fix).
Open a case with Severity: High if any of those are true.