Versions Compared

Version Old Version 19 New Version 20
Changes made by

Mark Holland (Unlicensed)

Mark Holland (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Policy Details

InTime

The password policy is set for the whole Agency

The password must be between 8 and 50 characters long and contain at least three of the following:

  • Numbers

  • Upper case letters

  • Lower case letters

  • Symbols

 Passwords cannot contain:

  • Spaces

  • Alphabetical sequences

  • Numerical sequences of length 3

  • Qwerty keyboard sequences

  • Four repeated characters

  • Accented letters, e.g. á é

  • The following characters: £ ¬ € < >

Note:

  • The number of days that a password is valid for is defaulted to 90days, after this period it must be changed.

  • Accounts are locked after 5 failed attempts

InPay

The password policy is set for each customer and can be overridden based on role.  As part of the configuration you can specify

  1. The minimum length of the password (default 8)
  2. Whether it must include both a number and a special character (default yes)
  3. The number of days that a password is valid for.  After this period it must be changed (default 90)

Note:

  • Accounts are locked after 6 failed attempts.
  • Non Self Service accounts are disabled if the user has not logged in for 70 days

Client Portal

  • Minimum length 68
  • Contain at least 1 number, 1 upper case character, 1 lower case character, 1 non alphanumeric character
  • Expires after 91 days

...


UPDATE - 26 May 2016 - Password Expiry

...

User accounts are now locked after 5 failed login attempts. The user is prompted to contact their administrator to unlock their account. To unlock a user's account, in the Profiles menu, select Unlock Account. Enter the user's username and click Unlock.

 


Alternatively, to unlock a user's account, in the Profiles menu, select correct user level (manager, consultant etc) and do a search for the user. Check the select box next their name and click Unlock Accounts. Note, this method can be used to unlock multiple accounts at the same time.

...

Providing you have the Get Passwords role, when viewing a worker/manager you will see a Switch To User action in the top corner of the user details page as shown below. 


  


When you click on this link you will be logged in as if you were that particular user.  You will notice that the menu bar now contains an entry Exit User.  When you click this you will be returned to your original login

  


Instructions for demo system users

Timesheet submission and approval using 'switch user' 


  • Log in as an Administrator
  • Select Profiles from the top menu bar and select ‘Workers’
  • Choose a contractor (I suggest Advice Note for a Limited company worker)
  • Select ‘Switch To User’
  • You have now switched users, you are logged in as a worker
  • Using the ‘Recent Timesheets’ dashboard select a placement and select create to enter a timesheet
  • Enter your hours and press ‘ Save And Submit’, the timesheet is now with the client manager for approval
  • You will notice that the menu bar now contains an entry ‘Exit User’.  When you make this selection you will return to your original Administrator user
  • Select Profiles from the top menu bar and select ‘Manager’
  • Choose the approving manager and select ‘Switch To User’
  • Select the ‘Unauthorised’ tile from the ‘Timesheets’ dash
  • View the timesheet by clicking the timesheet ID, enter your password to approve
  • Click ‘Exit User’.  When you make this selection you will return to your original Administrator user to begin billing

...

Answer - Administrators should impersonate the user, go to My Details -> Personal Details -> Change Password. Enter an appropriate password and click Save. This will change the users password to the one entered. You do not need to click 'Save' again on the 'My Details' screen, click 'Cancel' or navigate away from the 'My Details' screen. The administrator should then communicate the new password to the user and advise them to change it a new password the first time they login.