1. Cloudbeds
  2. Configuration Hub
  3. Login & Security
  4. Protecting Your Property (Security & Phishing)

Front Desk Login Security: What Every Staff Member Should Know

Mariia Korostashevych
Updated

✅🖨️We advice you to print this page out. It is designed to be physically posted near front desk terminals.

The 5 rules for secure Cloudbeds logins

Rule 1: Always use the bookmark - never search Google.

Fake "Cloudbeds login" pages appear as sponsored ads in search results. They look identical to the real page. If you type your credentials into one, your account is immediately compromised.

🔖 Official login: https://hotels.cloudbeds.com/auth Bookmark this now. Use only the bookmark.

Rule 2: Always log out when leaving the desk.

Cloudbeds allows multiple simultaneous sessions. If you walk away without logging out, the next person at that computer can access your account without entering any credentials.

Rule 3: Clear your cache if you share a computer.

If multiple staff members log in on the same computer, clear your browser cache and cookies before logging in after someone else. [How to Clear Cache and Cookies]

Rule 4: Never share your MFA device with a coworker.

Your MFA is personal. If a colleague needs access, they need their own user account - ask your manager to create one. If you work at a shared front desk, use a shared USB security key rather than a personal phone.

Rule 5: If something looks wrong, stop and report it.

If the login page looks different from what you expect, if you receive an MFA notification you did not trigger, or if your account is behaving oddly - stop and contact your manager immediately.

The 3 warning signs:

  • The URL in your browser does not start with hotels.cloudbeds.com
  • You receive an MFA approval prompt you did not initiate (someone else is attempting to log in as you)
  • You cannot log in even though you know your password is correct (your credentials may have been changed)

If you believe your account has been accessed by someone else, see: [Suspected Phishing or Compromised Account: 3-Step Emergency Plan]

For property owners: recommended security setup

To protect your property and reduce lockout support tickets:

  1. Assign at least one backup user-manager. Your front desk should never depend on you alone to unlock accounts. Assign a trusted manager or AGM the ability to reset MFA for staff. Without a backup, a single lost phone can lock out your night auditor.
  2. Require Social Login (Google or Apple) or Passkeys for staff. These methods eliminate the "lost phone" lockout scenario almost entirely. If a staff member's phone breaks, their login is not affected.
  3. Create individual accounts for every staff member. Never share login credentials between staff. Individual accounts allow you to disable access instantly when someone leaves.
  4. Bookmark the login page on every shared computer before a new team member's first shift.

For setup instructions, see: Multi-Factor Authentication - Everything You Need to Know.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.