Skip to main content
Evaly provides multiple layers of access control to ensure only authorized participants can take your tests. Combine these methods to create the exact security level you need.

Access Control Methods

You can use one or more of these methods simultaneously:

Private Access

Restrict to specific participants by email or group

Password Protection

Require a password to access the test

Email Domain Filtering

Allow only specific email domains

IP Whitelisting

Restrict access to specific IP addresses

Private vs Public Access

The foundation of access control is choosing between private and public access.

Public Access

Anyone with the test link can attempt to access it. Characteristics:
  • No participant pre-registration needed
  • Participants create accounts or sign in
  • Can still add passwords or other restrictions
  • Test link can be shared freely
Best For:
  • Open practice tests
  • Public demonstrations
  • Marketing quizzes
  • Anonymous surveys
  • Self-enrollment courses
Example Use Case: 
Scenario: Open practice test for certification preparation

Settings:
- Access: Public
- Password: None
- Anyone can take it
- Results shown immediately for self-study

Private Access

Only explicitly added participants can access the test. Characteristics:
  • Must add participants via email or group
  • System verifies participant email at access
  • More control over who takes the test
  • Prevents unauthorized access
Best For:
  • Formal exams
  • Graded assessments
  • Confidential tests
  • Restricted courses
  • Corporate training
Example Use Case: 
Scenario: Final exam for enrolled students

Settings:
- Access: Private
- Participants: Added via student email list
- Only enrolled students can access
- Results withheld until grading complete

Managing Participants

When using private access, you must specify who can take the test.

Adding Individual Participants

1

Navigate to Access Control

Go to your test and click the Share or Access tab
2

Add Participants Section

Find the “Individual Participants” section
3

Enter Email Address

Type the participant’s email address and click Add
4

Repeat or Bulk Add

Add more participants individually or use bulk import
Email Validation:
  • Emails must be valid format ([email protected])
  • Duplicate emails are prevented
  • Case-insensitive matching

Bulk Adding Participants

Add multiple participants at once:
  1. Click Bulk Add
  2. Paste email addresses (one per line or comma-separated)
  3. Click Import
  4. Review results showing successful and failed imports
Example Format: 
[email protected]
[email protected]
[email protected]
or 
[email protected], [email protected], [email protected]

Using Participant Groups

Create reusable participant lists for efficiency.
  1. Navigate to User Groups in the sidebar
  2. Click Create Group
  3. Name the group (e.g., “Biology 101 - Fall 2024”)
  4. Add members via email
  5. Save the group
  1. Go to test Access/Share settings
  2. Find “Participant Groups” section
  3. Click Add Group
  4. Select the group from your list
  5. All group members can now access the test
Benefits:
  • Create once, use many times
  • Update membership in one place
  • Organizational structure (classes, departments, teams)
  • Faster test setup
Example Structure: 
Group: "Math 101 - Section A"
Members: 30 students

Group: "Math 101 - Section B"
Members: 28 students

Test: "Midterm Exam"
Assigned Groups: Section A, Section B
Total Participants: 58 students

Removing Participants

You can remove participants or groups at any time:
  • Individual participants: Click the X next to their email
  • Groups: Click the X next to the group name
  • Soft delete: Can be restored if removed by mistake
Removing a participant who has already started or completed the test does not delete their attempt or results. It only prevents future access.

Password Protection

Add a password requirement to any test (public or private).

Setting a Password

1

Open Access Settings

Navigate to test Settings or Share tab
2

Enable Password

Toggle “Require Password” or find the password field
3

Enter Password

Type a password participants must enter
4

Save Settings

Password takes effect immediately
How It Works:
  • Participants see password prompt before starting test
  • Must enter correct password to access questions
  • Password is case-sensitive
  • Can be changed at any time
Best Practices:
  • Use memorable but not obvious passwords
  • Share password through secure channel (not email)
  • Change password if compromised
  • Document where password was shared
Example Scenarios: 
Access: Public (anyone with link)
Password: "Exam2024!"

Workflow:
1. Share test link before exam
2. Display password on screen during exam
3. Students enter password to begin
4. Password prevents early access

Email Domain Filtering

Restrict access to specific email domains (e.g., only @school.edu addresses).

Configuring Domain Filters

1

Open Access Settings

Go to test Settings or Access tab
2

Add Allowed Domains

Find “Allowed Email Domains” section
3

Enter Domains

Add domains one at a time (e.g., “school.edu”)
4

Save

Restrictions apply immediately
How It Works:
  • System checks participant email during login
  • Rejects emails not matching allowed domains
  • Works with both public and private access
  • Case-insensitive matching
Domain Format: 
✅ Correct: school.edu
✅ Correct: university.org
✅ Correct: company.com

❌ Incorrect: @school.edu
❌ Incorrect: *.school.edu
❌ Incorrect: [email protected]
Multiple Domains: You can add multiple domains: 
Allowed Domains:
  - university.edu
  - university-staff.org
  - alumni.university.edu
  
Result: Users with any of these domains can access
Use Cases:
Limit to your organization:
Access: Public
Allowed Domains: ["schoolname.edu"]

Result: Anyone with the link AND a @schoolname.edu email can access
Allow partner organizations:
Access: Public
Allowed Domains: [
  "university-a.edu",
  "university-b.edu",
  "partner-org.com"
]
Double verification:
Access: Private
Participant List: 100 students
Allowed Domains: ["school.edu"]

Result: Must be on list AND have @school.edu email

IP Address Whitelisting

Restrict test access to specific IP addresses or ranges.

Configuring IP Restrictions

1

Open Access Settings

Navigate to test Settings or Access tab
2

Add Allowed IPs

Find “Allowed IP Addresses” section
3

Enter IP Addresses

Add IP addresses or CIDR ranges
4

Save and Test

Verify access works from allowed locations
IP Format: 
✅ Single IP: 192.168.1.100
✅ IP Range (CIDR): 192.168.1.0/24
✅ Multiple IPs: Add each separately
How It Works:
  • System checks participant’s IP address on access
  • Rejects access from non-whitelisted IPs
  • Applies before password prompt
  • Works with VPNs (checks VPN IP)
Common Use Cases:
Require students to be on campus:
Access: Public
Allowed IPs: ["10.0.0.0/8"]  # Campus network range
Password: "CampusTest2024"

Result: Must be on campus network to access
Restrict to computer lab:
Access: Private
Participant List: Students enrolled in course
Allowed IPs: [
  "192.168.50.10",
  "192.168.50.11",
  "192.168.50.12"
]  # Lab computers

Result: Must be in testing center on specific computers
Allow specific locations:
Access: Private
Allowed IPs: [
  "203.0.113.0/24",      # Main campus
  "198.51.100.0/24",     # Satellite campus
  "192.0.2.50"           # Proctoring service
]
IP Whitelisting Limitations:
  • Mobile networks have changing IPs
  • Home networks may have dynamic IPs
  • VPNs change the visible IP
  • Best for controlled environments

Combining Access Controls

Layer multiple restrictions for maximum security:

Security Level Examples

Public Practice Test
Access: Public
Password: None
Email Domains: None
IP Whitelist: None

Use Case: Open practice, learning resources

Scheduling & Access Control

Combine time-based access with other restrictions: 
Scenario: Midterm Exam

Access Control:
  - Access: Private (250 students)
  - Password: "Midterm2024"
  - Email Domains: ["university.edu"]

Scheduling:
  - Start: March 15, 2024 at 9:00 AM
  - End: March 15, 2024 at 11:00 AM
  - Duration: 2 hours

Result:
  - Only enrolled students can access
  - Only between 9 AM - 11 AM on March 15
  - Must have university email
  - Must know password

Access Denied Messages

Participants see clear messages when access is denied: Private Test (Not on List):
“This test is private. You are not authorized to access it. Please contact the test administrator.”
Wrong Email Domain:
“Access restricted to @university.edu email addresses. Please sign in with an authorized email.”
IP Not Allowed:
“This test can only be accessed from authorized locations. Please contact your administrator.”
Wrong Password:
“Incorrect password. Please try again or contact the test administrator.”

Best Practices

Choose Appropriate Level

Don’t over-restrict:
  • Practice tests: Minimal restrictions
  • Quizzes: Moderate restrictions
  • Exams: High restrictions
  • Certifications: Maximum restrictions

Test Access Before Launch

Verify:
  • Test login from participant perspective
  • Try wrong passwords/emails
  • Check from different networks
  • Ensure help resources available

Communicate Requirements

Tell participants:
  • Where to access test
  • What email to use
  • Where to find password
  • What to do if access fails
  • Who to contact for help

Document Settings

Keep record of:
  • Access control settings
  • Passwords used
  • Where passwords shared
  • IP addresses allowed
  • Schedule/time windows

Troubleshooting Access Issues

Check:
  1. Is test published?
  2. Is participant on the list (private access)?
  3. Are they using correct email address?
  4. Is email domain allowed?
  5. Are they within scheduled time window?
  6. Is IP address whitelisted?
  7. Did they enter correct password?
Solutions:
  1. Verify participant list is correct
  2. Check for typos in email addresses
  3. Ensure clear communication about requirements
  4. Consider loosening restrictions if appropriate
  5. Provide support contact information
Actions:
  1. Change password immediately
  2. Review participant access logs
  3. Add IP restrictions if needed
  4. Switch to private access
  5. Reset test if necessary
  6. Notify affected participants

Next Steps

User Groups

Manage participant groups

Monitoring

Watch test progress in real-time

Test Settings

Configure other test options

Sharing Tests

Learn how to distribute test links

Build docs developers (and LLMs) love

Get started for freeTalk to us