<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>thread Restricted Team members full access to owner info in Appointments &amp; Bookings</title>
    <link>https://community.squareup.com/t5/Appointments-Bookings/Restricted-Team-members-full-access-to-owner-info/m-p/771732#M4301</link>
    <description>&lt;P&gt;I currently have team members restricted access activated to not view owner information. When team members log in and access More ( 3 lines bottom right ) menu to the welcome back list screen, clicking on Marketplace grants them access to owners information through a web browser window, providing them with unrestricted access and bypass without 2 step verification. how do i stop this?&lt;/P&gt;</description>
    <pubDate>Mon, 22 Sep 2025 13:48:25 GMT</pubDate>
    <dc:creator>Stomco</dc:creator>
    <dc:date>2025-09-22T13:48:25Z</dc:date>
    <item>
      <title>Restricted Team members full access to owner info</title>
      <link>https://community.squareup.com/t5/Appointments-Bookings/Restricted-Team-members-full-access-to-owner-info/m-p/771732#M4301</link>
      <description>&lt;P&gt;I currently have team members restricted access activated to not view owner information. When team members log in and access More ( 3 lines bottom right ) menu to the welcome back list screen, clicking on Marketplace grants them access to owners information through a web browser window, providing them with unrestricted access and bypass without 2 step verification. how do i stop this?&lt;/P&gt;</description>
      <pubDate>Mon, 22 Sep 2025 13:48:25 GMT</pubDate>
      <guid>https://community.squareup.com/t5/Appointments-Bookings/Restricted-Team-members-full-access-to-owner-info/m-p/771732#M4301</guid>
      <dc:creator>Stomco</dc:creator>
      <dc:date>2025-09-22T13:48:25Z</dc:date>
    </item>
    <item>
      <title>Re: Restricted Team members full access to owner info</title>
      <link>https://community.squareup.com/t5/Appointments-Bookings/Restricted-Team-members-full-access-to-owner-info/m-p/772474#M4334</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.squareup.com/t5/user/viewprofilepage/user-id/705911"&gt;@Stomco&lt;/a&gt;&amp;nbsp;!&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;DIV class="p-rich_text_section"&gt;The behavior described of employees being able to access account information from the marketplace depends on several factors, such as whether credentials were saved in the browser on the device or other account-specific and device-specific conditions. The marketplace feature functions similarly to accessing a browser on the same device; it just uses a different redirect mechanism.&lt;/DIV&gt;
&lt;DIV class="p-rich_text_section"&gt;&amp;nbsp;&lt;/DIV&gt;
&lt;DIV class="p-rich_text_section"&gt;Here are some tips that can prevent this from happening:&lt;/DIV&gt;
&lt;OL class="p-rich_text_list p-rich_text_list__ordered p-rich_text_list--nested" data-stringify-type="ordered-list" data-list-tree="true" data-indent="0" data-border="0"&gt;
&lt;LI data-stringify-indent="0" data-stringify-border="0"&gt;&lt;STRONG data-stringify-type="bold"&gt;Avoid autofilled passwords&lt;/STRONG&gt;: Users should disable password autofill on the device to prevent unintended access.&lt;/LI&gt;
&lt;LI data-stringify-indent="0" data-stringify-border="0"&gt;&lt;STRONG data-stringify-type="bold"&gt;Two-Factor Authentication (2FA)&lt;/STRONG&gt;: If you want 2FA to prompt consistently, you should avoid selecting the "Remember this device for 90 days" option during login. This setting is typically stored via cookies or cache.&lt;/LI&gt;
&lt;LI data-stringify-indent="0" data-stringify-border="0"&gt;&lt;STRONG data-stringify-type="bold"&gt;Clearing cookies and cache&lt;/STRONG&gt;: To reset any saved preferences, including the 90-day login exemption, you can clear the cookies and cache on their device.&lt;/LI&gt;
&lt;/OL&gt;
&lt;DIV class="p-rich_text_section"&gt;Additionally, if there’s a concern about an employee logging in with&amp;nbsp; your credentials, you should:&lt;/DIV&gt;
&lt;UL class="p-rich_text_list p-rich_text_list__bullet p-rich_text_list--nested" data-stringify-type="unordered-list" data-list-tree="true" data-indent="0" data-border="0"&gt;
&lt;LI data-stringify-indent="0" data-stringify-border="0"&gt;Ensure the employee doesn’t have dashboard access by adjusting their permission settings appropriately.&lt;/LI&gt;
&lt;/UL&gt;
&lt;DIV class="p-rich_text_section"&gt;This approach helps secure access and ensures only authorized individuals can log in where necessary.&lt;/DIV&gt;
&lt;DIV class="p-rich_text_section"&gt;&amp;nbsp;&lt;/DIV&gt;
&lt;DIV class="p-rich_text_section"&gt;I hope this helps!&amp;nbsp;&lt;/DIV&gt;</description>
      <pubDate>Fri, 17 Jan 2025 18:37:04 GMT</pubDate>
      <guid>https://community.squareup.com/t5/Appointments-Bookings/Restricted-Team-members-full-access-to-owner-info/m-p/772474#M4334</guid>
      <dc:creator>Summer2024</dc:creator>
      <dc:date>2025-01-17T18:37:04Z</dc:date>
    </item>
  </channel>
</rss>

