The system has been modified to track the password change date/time and validate it against a minimum password age. The change password feature checks the last password change and, if the time since that change does not exceed the minimum password age, prevents the user from changing the password and displays the following message: “Password cannot be changed prior to x days of the last password change (mm/dd/yyyy hh:mm:ss: am/pm).”
This validation does not occur for first time users who are required to perform a password change or for users that had their password reset by their System Administrator. The ‘Forgot Password’ feature requires the user to change their password as part of that workflow and cannot be used if the last password change does not exceed the minimum password age. The following message displays if this scenario occurs: “Unable to use Forgot Password feature. Password cannot be changed prior to X days of the last password change (mm/dd/yyyy hh:mm:ss am/pm). Please contact your System Administrator to Reset Password.”
The minimum password age is a configurable property available to set during the OPPSA Application Installation (Transform Property: <Property Id="OPPSA.MinPasswordAgeInDays" Value="0" />. See Modify Transform.xml File for specific value details).
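The minimum-age rule described above, sketched in Python as an added example (this is not OPPSA's code). The `Account` fields, the function names and the choice to treat a value of 0 as "check disabled" are assumptions; the timestamps are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional, Tuple


@dataclass
class Account:
    # Hypothetical model; field names are not taken from OPPSA.
    last_password_change: Optional[datetime]  # None: password never changed
    must_change_password: bool = False  # first-time user or administrator reset


def format_timestamp(ts: datetime) -> str:
    """Render mm/dd/yyyy hh:mm:ss am/pm without relying on the locale."""
    hour12 = ts.hour % 12 or 12
    suffix = "am" if ts.hour < 12 else "pm"
    return f"{ts:%m/%d/%Y} {hour12:02d}:{ts:%M:%S} {suffix}"


def check_password_change(account: Account, now: datetime, min_age_days: int,
                          via_forgot_password: bool = False) -> Tuple[bool, str]:
    """Return (allowed, message) for a change or Forgot Password request."""
    # Assumption: 0 disables the check. Forced changes are exempt, as the page states.
    if (min_age_days <= 0 or account.must_change_password
            or account.last_password_change is None):
        return True, ""
    # "Does not exceed" is strict: a password exactly min_age_days old is still blocked.
    if now - account.last_password_change > timedelta(days=min_age_days):
        return True, ""
    message = (f"Password cannot be changed prior to {min_age_days} days of the last "
               f"password change ({format_timestamp(account.last_password_change)}).")
    if via_forgot_password:
        message = ("Unable to use Forgot Password feature. " + message
                   + " Please contact your System Administrator to Reset Password.")
    return False, message


if __name__ == "__main__":
    changed = datetime(2024, 3, 1, 14, 30, 0)  # constructed sample timestamp
    user = Account(last_password_change=changed)
    for now in (changed + timedelta(days=2), changed + timedelta(days=2, seconds=1)):
        print(check_password_change(user, now, min_age_days=2))
    print(check_password_change(user, changed, 2, via_forgot_password=True))
    print(check_password_change(Account(changed, must_change_password=True), changed, 2))
```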
The Login page logic has been modified to count failed attempts using the value for the configurable property: MaxPasswordAnswerAttempts. For example, if the configuration value is set to ‘5’, the user account will lock after the 5th failed login attempt (previously it was locking after the 6th failed login attempt).
The authorization service functions have been modified to capture the following events in the security log file:
The Tax Identification Number (TIN) on the Charter page is now masked. During data entry, the values display and upon leaving the field, the value is masked with asterisks.
Previously, if a policy was renamed using a policy name that already exists, the application deleted the policy being renamed from the database and displayed an error message stating that the policy name already exists.
The policy rename function has been modified to retain the policy in the database when trying to rename it using an existing policy name. The error message text has been enhanced as follows: “Updates were not saved. The Policy Name already exists.”
Only one barcode can exist per organization (excludes inherited barcodes). Previously, if a barcode already existed for a given organization and the user attempted to add another barcode (+Barcode button), a fault exception message displayed.
The process has been modified and the following message displays if the user attempts to add a barcode for an organization where one already exists: "Unable to create barcode. A barcode already exists for this organization. Please update the existing barcode."
A Health Check Page is available to check the status of the OPPSA service/application.
Health Check Page URL: https://example.domain.net/OPPSA/HealthCheck.aspx (replace “example.domain.net” with the fully qualified server name.)
The following connections are checked:
A session timeout of 20 minutes has been added to the OPPSA application. The session will automatically end after 20 minutes of inactivity and display the following message: “For security reasons, your session is no longer active. Click Continue to proceed to login page.”
The session timeout value is not a configurable property.