The Trusted Browser feature offers second-factor authentication, where users would access the Guestline systems using an approved browser.
Trust Browsers overview
The Trusted Browser feature provides a practical solution to a common challenge in hospitality: maintaining robust security whilst accommodating operational realities. Rather than requiring staff to use mobile phones for authentication codes or install software on shared computers, Trusted Browsers treat approved browsers as a second authentication factor.
Available only for non-MFA users accessing via browsers, trusted browsers are recognised property-wide, eliminating the need for individual approvals on shared devices, as shown in the diagram below:
Trusted Browser Modes
We offer two Trusted Browser modes:
Standard Mode
is enabled by default when you first activate the Trusted Browsers feature. It allows you to monitor browser activity without restricting access, and to ensure users can continue to log in without interruption during the setup phase.
While in Standard mode, you can:
View all browsers accessing your system.
Rename browsers for clarity, for example "Reception Desk 1 - Chrome".
Pre-approve browsers before switching to Secure mode.
Monitor usage patterns and IP addresses.
Secure Mode means every browser used on-site must be designated as a Trusted Browser in order to access Guestline.
Secure Mode provides:
Enhanced security by requiring explicit approval for all browsers before access.
Additional protection for users who don't use MFA.
View all browsers accessing your system.
Rename browsers for clarity, for example, "Reception Desk 1 - Chrome".
Monitor usage patterns and IP addresses.
Setting up Trusted Browsers
Setup takes just three simple steps, and you only need to do it once. While you complete the setup, all users continue accessing the system normally with no interruptions.
⚠️ Important: Only admins with user management permissions and MFA enabled can complete these setup steps. If you don't have these permissions, contact an on-site admin.
To set up Trusted Browsers for your property, follow the configuration steps below:
Step 1: Check your system is in Standard Mode
To check if you are in the default standard mode, follow the steps below:
Within Guestline Rezlynx PMS, navigate to System, Tools, then Admin Panel.
📌 Note: If you do not have access to the Admin Panel, please contact an Admin on-site with user management permissions and MFA enabled.
Select Trusted Browsers in the left-hand menu.
Review the Browser Security Mode.
🤓 Tip: If this is showing in Secure mode, do not disable it, you can proceed to Approve or reject individual Trusted Browsers.
Step 2: Review active browsers
In Standard mode, review users logged into each browser, then approve or reject browsers and update browser names as needed.
To review active browser sessions, follow the steps below:
Within Guestline Rezlynx PMS navigate to System, Tools, then Admin Panel.
📌 Note: If you do not have access to Admin Panel, please contact an Admin on-site with user management permissions and MFA enabled.
Select Trusted Browsers in the left-hand menu.
Browsers currently accessing your system are listed, as shown in the image below:
Select a browser to review and verify the following information:
Browser ID and IP address – to ensure you're approving the correct browser and identify any suspicious activity.
User details match those of users on-site who are accessing the system.
Tenants being accessed are correct.
⚠️ Important: If any browsers seem incorrect for your site, we recommend rejecting them—they can be approved later if needed.
Click the pencil icon to rename the browser, from the randomly assigned name t o one based on the device. For example, Events laptop – Chrome.
Select Manage Access, then choose:
Approve – to approve the browser as a Trusted Browser for future log ins.
Reject – to block a browser. The browser can request access later if required. You should reject a browser where you cannot identify which device or location the browser belongs to.
Click Save Changes.
Repeat steps 6-9 until all browsers have been reviewed and either accepted or rejected.
🤓 Tip: Refresh the page to view any browsers used to access the system since you accessed the Admin Panel.
Step 3: Switch to Secure Mode
Once you have approved the individual browsers, you can proceed to switch on Secure Mode.
When set to Secure, this provides an additional layer of security for users without MFA enabled.
To switch on Secure Mode, follow the steps below:
Within Guestline Rezlynx PMS navigate to System, Tools, then Admin Panel.
📌 Note : If you do not have access, please contact your Admin user on site.
Select Trusted Browsers in the left-hand menu.
Slide the toggle to Secure.
🤓 Tip: If this is showing in Secure mode, you do not need to touch this toggle.
Secure mode provides an additional layer of security for users without MFA enabled. From this point forward, any new unapproved browsers will require
individual approval or rejection before they can access your Guestline system. We recommend regularly reviewing and managing Trusted Browsers.
Related articles
You can find out more about specific Trusted Browser actions in these articles:
Frequently Asked Questions
Do I have user permissions to approve Trusted Browsers?
The browser needs to be approved. This action can be performed by any User who has rights to manage users. This means they must have MFA enabled and Users Permissions privileges on their account as shown below:
Users with privileges described above can approve browsers through the Admin Panel.
We already use MFA for all users - do we need trusted browsers as well?
No - If MFA is already in use, then trusted browsers is not required.
Who can manage the list of Trusted Browsers?
Users with User Management privileges. They must have the Update Permissions privilege assigned and MFA enabled on their accounts.
What is the scope of trusting the Browser?
A browser added to the Trusted Browsers list is recognised across all users within the same property or tenant. It means that the shared browser needs to be approved only once.
Will it work with the Rezlynx browser?
Yes, users will need to approve the Rezlynx browsers like any other browser.
What if a User has access to multiple tenants?
Their browser must be approved for every tenant or property within the Group they have access to, including Training sites.
What if we have Training sites?
Browsers must be approved separately for Training sites, even if already approved for live properties.
What happens if I clear my browser cookies?
Your device will still be trusted. We don't store any information related to Trusted Browser in the cookies.
If I reject the browser, are all the users using it automatically logged off?
No, they can still operate for as long as their session is active. The next time they try to log in, they'll be rejected.
What if an employee leaves my business, but the browser on their device was trusted?
You can visit the admin panel and reject previously approved browsers. Next time they attempt to log in, it will be rejected and prevent them from logging in to Guestline.
If the web browser was un-installed and re-installed or the browser updated, would the process need to be completed again?
For browser updates, you do not have to repeat the process.
For uninstall-reinstall, the process may need to be repeated for that browser.
Do we need to do the process twice for laptops when they are connected via ethernet and/or connected to Wi-Fi?
No, this will not be required. We generate an ID that isn’t based on the connection type.
Why is the full Browser ID listed in the control panel?
Browser IDs are unique fingerprints tied to a specific browser installation on a device and remain constant regardless of location. Unlike IP addresses, which change when a device connects from different networks (like moving a laptop between locations), Browser IDs stay the same.
This makes Browser IDs valuable for tracking and identifying specific browser activity. Your on-site IT team can use these IDs to locate exactly which device and browser performed certain actions, providing reliable device identification for security and troubleshooting purposes.
What if each staff member has their own Microsoft account?
This configuration is fully supported. Browsers will require approval on a per-user basis rather than per-device due to the individual account structure. Once a user's browser is approved, they will have ongoing access without requiring repeated authorisation requests.
I cannot access the Distribution Hub via PMS, what can i do?
You can access your Distribution Hub by logging in to Distribution Hub at https://home.eu.guestline.app/ instead.