Version 21.3

Path: Admin tab > Global Preferences > Security tab

About

This article will go over the changes to the Strong Passwords enabled section in Global Preferences. See this article for the original.

Overview of Updates

• Resetting Passwords can be done by Admin users - no need to call Support.
• Users are given a default of 5 attempts to log in before they are locked out. See section below for more details.
• A new pop-up will appear if you attempt to exceed your “number of consecutive attempts” and fail to login (if you are a nonadmin user). Admin users get an infinite number of tries.

Enable Strong Passwords - Consecutive Attempts Updates

Previously, when a practice had Strong Passwords enabled, the setting for Number of consecutive attempts at setting a password before user is disabled if left blank would assume the value of 2 and disabled users after 2 failed login attempts. This value of 2 never displayed in the field informing the user that this was occurring.

To improve this workflow we have done the following:

• Renamed the field to Number of consecutive attempts at entering a password during login before user is disabled to ensure it's clear to the user that after x attempts they will be disabled.
• Established a new min/max value for this field: 0-15
• Established a new default value for this field: 5
• If a practice has a value already set, the following will take place upon update:
  • If a practice has a value already set between 0-15 we will respect that value and make no changes to the system.
  • If a practice has a value greater than 15, upon editing we will change to 15.
• If a practice enables strong passwords for the first time, we will default in a value of 5 and it will display in the field.
• If a practice has a NULL value, we will change to 5 and it will display in the field.