Sign in

Sign in with your account

Access is gated by your administrator; sign in with the email address and password associated with your account.

No account yet?

You can request access โ€” your administrator will review your request and email you. Alternatively, if a Supervisor or Admin has sent you an invitation email, follow the activation link in that email to set your initial password and accept the internal-use notice.

Access controls in force
  • Account-based authentication โ€” email plus a password verified against a salted scrypt hash; sessions are delivered as a signed, HTTP-only, SameSite=Lax cookie.
  • Rate limiting on login and password-reset routes to slow brute-force attempts.
  • CSRF protection on every state-changing form (HMAC-bound double-submit cookie).
  • Defensive HTTP headers (CSP, X-Frame DENY, nosniff, Referrer-Policy, Permissions-Policy, COOP/CORP) plus Cache-Control on sensitive paths.
  • Disabled accounts cannot sign in; existing sessions are revoked on the next request.
  • Audit trail records every authentication event.