This page (revision-39) was last changed on 26-Nov-2021 10:22 by jaiken

This page was created on 26-Nov-2021 10:22 by jmyers

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note
39 26-Nov-2021 10:22 30 KB jaiken to previous
38 26-Nov-2021 10:22 31 KB rforbes to previous | to last
37 26-Nov-2021 10:22 31 KB rforbes to previous | to last
36 26-Nov-2021 10:22 31 KB rmorrell to previous | to last
35 26-Nov-2021 10:22 31 KB rmorrell to previous | to last
34 26-Nov-2021 10:22 31 KB jmyers to previous | to last
33 26-Nov-2021 10:22 31 KB jmyers to previous | to last EMAIL_ADDRESS ==> EMAIL_ADDRESS(Disambiguation)
32 26-Nov-2021 10:22 31 KB jmyers to previous | to last
31 26-Nov-2021 10:22 31 KB jmyers to previous | to last
30 26-Nov-2021 10:22 31 KB jmyers to previous | to last
29 26-Nov-2021 10:22 31 KB jmyers to previous | to last
28 26-Nov-2021 10:22 32 KB jmyers to previous | to last
27 26-Nov-2021 10:22 32 KB jmyers to previous | to last
26 26-Nov-2021 10:22 33 KB jmyers to previous | to last
25 26-Nov-2021 10:22 33 KB jmyers to previous | to last
24 26-Nov-2021 10:22 33 KB jmyers to previous | to last
23 26-Nov-2021 10:22 33 KB jmyers to previous | to last
22 26-Nov-2021 10:22 33 KB jmyers to previous | to last
21 26-Nov-2021 10:22 33 KB jmyers to previous | to last

Page References

Incoming links Outgoing links

Version management

Difference between version and

At line 5 changed one line
The [{$applicationname}] application tightly controls who can access the system. Strict security rules are enforced for all types of users - [{$applicationname}]users, Self Service users and Candidates.
The Personality application tightly controls who can access the system. Strict security rules are enforced for all types of users - Admin users, Self Service users, and Candidates.
At line 7 changed 2 lines
![{$applicationname}] User Login
[{$applicationname}] users enter the [{$applicationname}] Professional system through the login screen:
!Admin User Login
Admin users enter the Personality Admin User Interface through the login screen:
At line 10 changed 2 lines
;[User Name|USER_NAME]:A user name must be provided. The user name is a unique identifier that indicates a user’s roles, capabilities and access rights. User names may be up to 30 alphanumeric characters. User names are assigned by a security administrator.
;[User Password|USER_PASSWORD]:A user password must be provided to authenticate the person logging in. The password field is masked with asterisks as it is entered to keep it confidential. Passwords may be up to 16 alphanumeric characters; they are encrypted in the database. Passwords are initially generated by the system but may be subsequently maintained by the [{$applicationname}] user or a security administrator.
;[User Name|USER_NAME]: A username must be provided. The username is a unique identifier that indicates a user’s roles, capabilities, and access rights. Usernames may be up to 30 alphanumeric characters. Usernames are assigned by a security administrator.
;[User Password|USER_PASSWORD]: A user password must be provided to authenticate the person logging in. The password field is masked with asterisks as it is entered to keep it confidential. Passwords may be up to 16 alphanumeric characters; they are encrypted in the database. Passwords are initially generated by the system but may be subsequently maintained by the user or a security administrator.
At line 13 changed one line
[{$applicationname}] users will only be allowed to use the system if their credentials match those on file and if there are no restrictions currently imposed on their access. They may be asked to change their password as soon as their login has been validated under any of the following circumstances:
Personality users will only be allowed to use the system if their credentials match those on file and if there are no restrictions currently imposed on their access. They may be asked to change their password as soon as their login has been validated under any of the following circumstances:
At line 18 changed one line
[{$applicationname}] users credentials are validated against the information coded on the [IMUS Access|IMUS#Access] tab and are subject to the security rules established in the [IMAR] screen. The database that the user will be connected to is identified in the URL that was used to start the application.
Personality users credentials are validated against the information coded on the [IMUS Access|IMUS#Access] tab and are subject to the security rules established in the [IMAR] screen. The database that the user will be connected to is identified in the URL that was used to start the application.
At line 20 changed 2 lines
![{$applicationname}] User Forgotten Passwords
If an [{$applicationname}] user forgets their password, they should click the Forgot Password button on the login screen.
!Personality User Forgotten Passwords
If an Personality user forgets their password, they should click the Forgot Password button on the login screen.
At line 30 changed one line
;[Email Address|EMAIL_ADDRESS]:An email address must be provided.
;[Email Address|EMAIL_ADDRESS(Field)]:An email address must be provided.
At line 33 changed one line
Self Service users enter the [{$applicationname}] Self Service system through the login screen:
Self Service users enter the Personality Self Service system through the login screen:
At line 38 changed one line
%%information The term “PIN” and “Password” can be used interchangeably. Self Service passwords are normally referred to as PIN numbers to differentiate them from [{$applicationname}] User and Candidate passwords.%%
%%information The term “PIN” and “Password” can be used interchangeably. Self Service passwords are normally referred to as PIN numbers to differentiate them from Personality User and Candidate passwords.%%
At line 45 changed one line
Self Service user credentials are validated against the information coded on the Self Service Access tab in the [IEID] screen and are subject to the security rules established in the [IMAR] screen. The database that the user will be connected to is identified in the URL that was used to start the application.
Self Service user credentials are validated against the information coded on the [IEID Self Service Access|IEID#SelfServiceAccessTab] tab and are subject to the security rules established in the [IMAR] screen. The database that the user will be connected to is identified in the URL that was used to start the application.
At line 56 changed one line
Candidates enter the [{$applicationname}] Candidate Self Service system through the following login screen:
Candidates enter the Personality Candidate Self Service system through the following login screen:
At line 58 changed one line
;[Last Name|LAST_NAME]:A last name must be provided. This field is not case sensitive.
;[Last Name|LAST_NAME]:A last name must be provided. This field is not case sensitive.
At line 60 changed one line
;[Password|PASSWORD]:A password must be provided to authenticate the Candidate. The password field is masked with asterisks as it is entered to keep it confidential. Passwords may be up to 16 alphanumeric characters; they are encrypted in the database. Passwords are initially assigned by the Candidate on their first login but may be subsequently maintained by the Candidate or a security administrator.
;[[Password]:A password must be provided to authenticate the Candidate. The password field is masked with asterisks as it is entered to keep it confidential. Passwords may be up to 16 alphanumeric characters; they are encrypted in the database. Passwords are initially assigned by the Candidate on their first login but may be subsequently maintained by the Candidate or a security administrator.
At line 74 changed one line
;[Email Address|EMAIL_ADDRESS]:An email address must be provided.
;[Email Address|EMAIL_ADDRESS(Field)]:An email address must be provided.
At line 84 changed one line
;[Email Address|EMAIL_ADDRESS]:An email address must be provided.
;[Email Address|EMAIL_ADDRESS(Field)]:An email address must be provided.
At line 87 changed one line
Every successful login to [{$applicationname}] initiates a new application session. Session connection information and user context data is recorded on the [P2K_AM_SESSION_AUDITS] table in the database. The system tracks who has accessed the system, when they logged in and out, how they accessed it and what roles they had at the time of the session.
Every successful login to Personality initiates a new application session. Session connection information and user context data is recorded on the [P2K_AM_SESSION_AUDITS] table in the database. The system tracks who has accessed the system, when they logged in and out, how they accessed it and what roles they had at the time of the session.
At line 117 changed 2 lines
![{$applicationname}] User Password Changes
[{$applicationname}] users may change their own password through [IMCU] within the [{$applicationname}] Professional application.
!Personality User Password Changes
Personality users may change their own password through [IMCU] within the Personality Professional application.
At line 121 changed 3 lines
;[Existing Password|]:The existing password must be entered to authenticate the request.
;[New Password|]:A new password must be supplied
;[Confirm Password|]:The new password must be entered a second time to ensure that it has not been keyed incorrectly.
;__Existing Password__:The existing password must be entered to authenticate the request.
;__New Password__:A new password must be supplied.
;__Confirm Password__:The new password must be entered a second time to ensure that it has not been keyed incorrectly.
At line 129 changed 4 lines
;[User Name|]:The user name defaults to the user who is currently logged in.
;[Existing PIN|]:The existing password must be entered to authenticate the request.
;[New PIN|]:A new password must be supplied.
;[Confirm PIN|]:The new password must be entered a second time to ensure that it has not been keyed incorrectly.
;[User Name|USER_NAME]:The user name defaults to the user who is currently logged in.
;__Existing PIN__:The existing password must be entered to authenticate the request.
;__New PIN__:A new password must be supplied.
;__Confirm PIn__The new password must be entered a second time to ensure that it has not been keyed incorrectly.
At line 134 changed one line
%%information The term “PIN” and “Password” can be used interchangeably. Self Service passwords are normally referred to as PIN numbers to differentiate them from [{$applicationname}] User and Candidate passwords.%%
%%information The term “PIN” and “Password” can be used interchangeably. Self Service passwords are normally referred to as PIN numbers to differentiate them from Personality User and Candidate passwords.%%
At line 140 changed 4 lines
;[User Name|]:The user name defaults to the user who is currently logged in.
;[Existing PIN|]:The existing password must be entered to authenticate the request.
;[New PIN|]:A new password must be supplied.
;[Confirm PIN|]:The new password must be entered a second time to ensure that it has not been keyed incorrectly.
;[User Name|USER_NAME]:The user name defaults to the user who is currently logged in.
;__Existing PIN__:The existing password must be entered to authenticate the request.
;__New PIN__:A new password must be supplied.
;__Confirm PIN__:The new password must be entered a second time to ensure that it has not been keyed incorrectly.
At line 149 changed 2 lines
!Resetting [{$applicationname}] User Passwords
[{$applicationname}] user passwords can be reset by security administrators through either the [IMRU] screen or through the [IMUS Access|IMUS#Access] tab within the [{$applicationname}] Professional application. These functions should be highly secured.
!Resetting Personality User Passwords
Personality user passwords can be reset by security administrators through either the [IMRU] screen or through the [IMUS Access|IMUS#Access] tab within the Personality Professional application. These functions should be highly secured.
At line 152 changed 5 lines
;[Find Block|]:The eP user whose password is to be changed must be located in the Find block on the top line.
;[New Password|]:A new password must be supplied or the “generate” toggle must be turned on.
;[Confirm Password|]:If the new password is being supplied, it must be entered a second time to ensure that it has been keyed correctly.
;[Or Generate New Password|]:This toggle must be turned on if the security administrator wants the new password to be generated by the system.
;[Force Password Change On Next Login|]:This toggle allows the security administrator to force the user to change their password on their next login.
;__Find Block__:The Personality user whose password is to be changed must be located in the Find block on the top line.
;__New Password__:A new password must be supplied or the “generate” toggle must be turned on.
;__Confirm Password__:If the new password is being supplied, it must be entered a second time to ensure that it has been keyed correctly.
;__Or Generate New Password__:This toggle must be turned on if the security administrator wants the new password to be generated by the system.
;__Force Password Change On Next Login__:This toggle allows the security administrator to force the user to change their password on their next login.
At line 161 changed 6 lines
Self Service PIN numbers can be reset by security administrators through either [IMRE] or through the Self Service Access tab on [IEID] within the [{$applicationname}] Professional application. Access can be restricted to specific personnel records in both of these functions by setting up appropriate security rights.
;[Find Block|]:The person whose PIN number is to be changed must be located in the Find block on the top line.
;[New PIN|]:A new PIN number must be supplied or the “generate” toggle must be turned on.
;[Confirm PIN|]:If the new PIN number is being supplied, it must be entered a second time to ensure that it has been keyed correctly.
;[Or Generate New PIN|]:This toggle must be turned on if the security administrator wants the new PIN number to be generated by the system.
;[Force PIN Change On Next Login|]:This toggle allows the security administrator to force the user to change their PIN number on their next login.
Self Service PIN numbers can be reset by security administrators through either [IMRE] or through the [IEID Self Service Access|IEID#SelfServiceAccessTab] tab within the Personality Professional application. Access can be restricted to specific personnel records in both of these functions by setting up appropriate security rights.
;__Find Block__:The person whose PIN number is to be changed must be located in the Find block on the top line.
;__New PIN__:A new PIN number must be supplied or the “generate” toggle must be turned on.
;__Confirm PIN__:If the new PIN number is being supplied, it must be entered a second time to ensure that it has been keyed correctly.
;__Or Generate New PIN__:This toggle must be turned on if the security administrator wants the new PIN number to be generated by the system.
;__Force PIN Change On Next Login__:This toggle allows the security administrator to force the user to change their PIN number on their next login.
At line 168 changed one line
%%Information The term “PIN” and “Password” can be used interchangeably. Self Service passwords are normally referred to as PIN numbers to differentiate them from eP User and Candidate passwords.%%
%%Information The term “PIN” and “Password” can be used interchangeably. Self Service passwords are normally referred to as PIN numbers to differentiate them from Personality User and Candidate passwords.%%
At line 173 changed 6 lines
Candidate passwords can be reset by security administrators through either the [IRPIN] or through the [IRCA|IRCA#AssessmentsTab] Assessments tab within the eP Professional application.
;[Find Block|]:The Candidate whose password is to be changed must be located in the Find block on the top line.
;[New Password|]:A new password must be supplied or the “generate” toggle must be turned on.
;[Confirm Password|]:If the new password is being supplied, it must be entered a second time to ensure that it has been keyed correctly.
;[Or Generate New Password|]:This toggle must be turned on if the security administrator wants the new password to be generated by the system.
;[Force Password Change On Next Login|]:This toggle allows the security administrator to force the Candidate to change their password on their next login.
Candidate passwords can be reset by security administrators through either the [IRPIN] or through the [IRCA|IRCA#AssessmentsTab] Assessments tab within the Personality Professional application.
;__Find Block__:The Candidate whose password is to be changed must be located in the Find block on the top line.
;__New Password__:A new password must be supplied or the “generate” toggle must be turned on.
;__Confirm Password__:If the new password is being supplied, it must be entered a second time to ensure that it has been keyed correctly.
;__Or Generate New Password__:This toggle must be turned on if the security administrator wants the new password to be generated by the system.
;__Force Password Change On Next Login__:This toggle allows the security administrator to force the Candidate to change their password on their next login.
At line 183 changed one line
Many different types of users use the [{$applicationname}] system – [{$applicationname}] Professional users, Self Service users and Candidates. All of these different types of users are referred to as “accessors” of the system. [{$applicationname}] uses a consistent approach for managing all accessors of the system.
Many different types of users use the Personality system – Personality Professional users, Self Service users and Candidates. All of these different types of users are referred to as “accessors” of the system. Personality uses a consistent approach for managing all accessors of the system.
At line 194 changed 2 lines
Each type of [{$applicationname}] user has a specific way of being authorized to access the system.
*eP users are created and authorized through [IMUS].
Each type of Personality user has a specific way of being authorized to access the system.
*Personality users are created and authorized through [IMUS].
At line 200 changed one line
Below is a description of each of the different ways users can be authorized in [{$applicationname}].
Below is a description of each of the different ways users can be authorized in Personality.
At line 202 changed 3 lines
!Authorizing [{$applicationname}] Users
[{$applicationname}] users are maintained by security administrators through the [IMUS] within the eP Professional application. Users created through [IMUS] are stored in the [P2K_AM_USERS] table and also become Oracle users. This function should be highly secured.
;[Find Block|]:The user to be viewed or changed must be located in the Find block, unless an Add is being done.
!Authorizing Personality Users
Personality users are maintained by security administrators through the [IMUS] within the Personality Professional application. Users created through [IMUS] are stored in the [P2K_AM_USERS] table and also become Oracle users. This function should be highly secured.
;__Find Block__:The user to be viewed or changed must be located in the Find block, unless an Add is being done.
At line 207 changed one line
;[Email|EMAIL_ADDRESS]:An optional email address may be provided for the user. This is the address that system generated passwords will be sent to.
;[Email|EMAIL_ADDRESS(Field)]:An optional email address may be provided for the user. This is the address that system generated passwords will be sent to.
At line 209 changed 4 lines
;[Name|NAME|]:This 'display only' field shows the name of the person identified in the Person Code field.
;[Create / Retrieve / Update / Delete Toggles|]:These toggles indicate the overriding access capabilities assigned to the user. These may be reduced for individual functions.
;[P2K Access Information|]:This section provides the access information used by P2K. It is provided for compatibility reasons only.
;[Access Tab|]:This section contains the access information that is used by ePersonality. Refer to the [Common Accessor Information|USER PASSWORDS#CommonAccessorInformation] section for a detailed description.
;[Name|NAME]:This 'display only' field shows the name of the person identified in the Person Code field.
;[Create / Retrieve / Update / Delete Toggles]:These toggles indicate the overriding access capabilities assigned to the user. These may be reduced for individual functions.
;[P2K Access Information]:This section provides the access information used by P2K. It is provided for compatibility reasons only.
;[Access Tab|]:This section contains the access information that is used by Personality. Refer to the [Common Accessor Information|USER PASSWORDS#CommonAccessorInformation] section for a detailed description.
At line 216 changed 3 lines
Self Service users are maintained by a security administrator through the [IEID Self Service Access|IEID#SelfServiceAccess] tab within the eP Professional application.
;[Find Block|]:The person to be granted Self Service access must be located in the Find block.
Self Service users are maintained by a security administrator through the [IEID Self Service Access|IEID#SelfServiceAccessTab] tab within the Personality Professional application.
;__Find Block__:The person to be granted Self Service access must be located in the Find block.
At line 232 changed one line
Candidate access information is viewed and maintained by a security administrator through the [IRCA Self Service Access|IRCA#SelfServiceAccessTab] tab within the eP Professional application.
Candidate access information is viewed and maintained by a security administrator through the [IRCA Self Service Access|IRCA#SelfServiceAccessTab] tab within the Personality Professional application.
At line 234 changed one line
;[Find Block|]:The candidate must be located in the Find block.
;__Find Block__:The candidate must be located in the Find block.
At line 256 changed 2 lines
;[Date Sensitive Navigator| ]:The Date Sensitive Navigator is a special form block that allows users to view date sensitive records and make date sensitive changes. Refer to the ;[User Interface manual|CONFIGURATION-UI]: for a more detailed description.
;[Access Status|ACTIVE_STATUS]:The Access Status field indicates whether the user can access the system during the time period of the chosen date sensitive record. This field is maintained by the system but can also be entered manually. \\ \\Both the Access Start/End Dates and the Access Status are checked before a user is allowed to log in.
;[Date Sensitive Navigator| ]:The Date Sensitive Navigator is a special form block that allows users to view date sensitive records and make date sensitive changes. Refer to the [User Interface manual|CONFIGURATION-UI] for a more detailed description.
;[Access Status|ACCESS_STATUS]:The Access Status field indicates whether the user can access the system during the time period of the chosen date sensitive record. This field is maintained by the system but can also be entered manually. \\ \\Both the Access Start/End Dates and the Access Status are checked before a user is allowed to log in.
At line 262 changed one line
Security administrators establish their own rules for system access by type of user. [{$applicationname}] offers many techniques for restricting access:
Security administrators establish their own rules for system access by type of user. Personality offers many techniques for restricting access:
At line 280 changed 2 lines
![{$applicationname}] System Access Rules
All access rules in [{$applicationname}] are defined by accessor type on [IMAR]. Access rules do not have to be set up in advance. They are created automatically during the first login if they do not already exist. However, the automatically generated access rules have no restrictions.
!Personality System Access Rules
All access rules in Personality are defined by accessor type on [IMAR]. Access rules do not have to be set up in advance. They are created automatically during the first login if they do not already exist. However, the automatically generated access rules have no restrictions.
At line 285 changed one line
[{$applicationname}]’s login and password verification techniques are all implemented within the application software and are not dependent on the database engine. The access rules no longer come from Oracle Profiles. Oracle Profiles should no longer be used in the [{$applicationname}] environment.
Personality’s login and password verification techniques are all implemented within the application software and are not dependent on the database engine. The access rules no longer come from Oracle Profiles. Oracle Profiles should no longer be used in the Personality environment.
At line 287 changed one line
Oracle Profiles should no longer be used in the [{$applicationname}] environment.
Oracle Profiles should no longer be used in the Personality environment.
At line 289 changed one line
[{$applicationname}] users are synchronized with the Oracle database users. When a user is created through [IMUS], an Oracle user is also created in the database. When a user’s password is changed in [{$applicationname}], it is also changed at the database level. Self Service users and Candidates are not identified as individual users at the database level.
Personality users are synchronized with the Oracle database users. When a user is created through [IMUS], an Oracle user is also created in the database. When a user’s password is changed in Personality, it is also changed at the database level. Self Service users and Candidates are not identified as individual users at the database level.
At line 292 changed 36 lines
;[Accessor Type| ]:The Accessor Type is a mandatory field that identifies the type of user.
The allowed values shown below are based on the fixed lexicon [X_ACCESSOR_TYPE]:
User - eP user defined through IMUS
Identity - Self Service user defined though IEID
Candidate - Candidate defined through IRCA
Role - role defined through IMRO
Validation Method
Validation method is a mandatory field that identifies whether the new ePersonality password facility is being used and it identifies the algorithm used for encrypting the passwords.
The allowed values shown below are based on the fixed lexicon X_VALIDATION_METHOD:
P2K and EP - both P2K and EP passwords are generated
Personality 2000 - only P2K passwords are generated
ePersonality SHA-1 - only ePersonality passwords are generated (using the SHA-1 algorithm)
Minimum Password Size
This optional numeric field specifies the minimum length of the password. Passwords that are shorten than this will be rejected.
Must Contain Digit
This toggle indicates that the password must contain at least one numeric digit. If the toggle is off the system does not impose a restriction.
Must Contain Punctuation
This toggle indicates that the password must contain at least one punctuation character. If the toggle is off the system does not impose a restriction.
Force Password Change Toggle
This field contains the default for the “Force Password Change” toggle for system generated passwords.
Password Must Change
This toggle indicates that new passwords must not match the prior password. If the toggle is off the system does not impose a restriction.
# Prior Passwords
This optional numeric field specifies the number of prior passwords that must be different than the new password. This option forces a user to use different passwords each time. If the field is empty the system does not impose a restriction.
Password Expires-Dys
This optional numeric field specifies the number of days that a user’s password can exist before going stale. Once the user’s password expires it must be changed on the next login. If the field is empty, the system does not expire the password.
Lock After Expires-Dys
This optional numeric field specifies the number of days following password expiration that the user’s access records will remain active. After this the user’s access records will be locked. If this field is empty the user’s access records will remain active indefinitely.
Login Attempts
This optional numeric field specifies the number of login attempts a user is allowed before the session expires. If the field is empty the system does not impose a restriction.
Max Login Attempts
This optional numeric field specifies the number of login attempts a user is allowed before their access records are locked out. If the field is empty the system does not impose a restriction.
IP Lockout Minutes
This optional numeric field specifies the number of minutes an IP address will remain locked out after the maximum number of login attempts have been reached. If this field is empty, the lockout remains until it is reset by a security administrator.
;[Accessor Type| ]:The Accessor Type is a mandatory field that identifies the type of user.\\The allowed values are based on the fixed lexicon [X_ACCESSOR_TYPE].
;[Validation Method| ]:Validation method is a mandatory field that identifies whether the new Personality password facility is being used and it identifies the algorithm used for encrypting the passwords.\\The allowed values are based on the fixed lexicon [X_VALIDATION_METHOD]:
;[Minimum Password Size| ]:This optional numeric field specifies the minimum length of the password. Passwords that are shorten than this will be rejected.
;[Must Contain Digit| ]:This toggle indicates that the password must contain at least one numeric digit. If the toggle is off the system does not impose a restriction.
;[Must Contain Punctuation| ]:This toggle indicates that the password must contain at least one punctuation character. If the toggle is off the system does not impose a restriction.
;[Force Password Change Toggle| ]:This field contains the default for the “Force Password Change” toggle for system generated passwords.
;[Password Must Change| ]:This toggle indicates that new passwords must not match the prior password. If the toggle is off the system does not impose a restriction.
;[# Prior Passwords| ]:This optional numeric field specifies the number of prior passwords that must be different than the new password. This option forces a user to use different passwords each time. If the field is empty the system does not impose a restriction.
;[Password Expires-Dys| ]:This optional numeric field specifies the number of days that a user’s password can exist before going stale. Once the user’s password expires it must be changed on the next login. If the field is empty, the system does not expire the password.
;[Lock After Expires-Dys| ]:This optional numeric field specifies the number of days following password expiration that the user’s access records will remain active. After this the user’s access records will be locked. If this field is empty the user’s access records will remain active indefinitely.
;[Login Attempts| ]:This optional numeric field specifies the number of login attempts a user is allowed before the session expires. If the field is empty the system does not impose a restriction.
;[Max Login Attempts| ]:This optional numeric field specifies the number of login attempts a user is allowed before their access records are locked out. If the field is empty the system does not impose a restriction.
;[IP Lockout Minutes| ]:This optional numeric field specifies the number of minutes an IP address will remain locked out after the maximum number of login attempts have been reached. If this field is empty, the lockout remains until it is reset by a security administrator.\\ \\This feature uses a server setting that applies to an IP address; hence, all accessor types should use the same setting. If different IP Lockout Minutes are used for different accessor types, the most restrictive setting will apply.\\ \\This feature should not be used in environments that use kiosks.
At line 329 removed 18 lines
This feature uses a server setting that applies to an IP address; hence, all accessor types should use the same setting. If different IP Lockout Minutes are used for different accessor types, the most restrictive setting will apply.
This feature should not be used in environments that use kiosks.
!Client Site Configuration
In P2K, password control is set at the client site level through [IMST-Maintain Client Site Information[. This information is still maintained in ePersonality but it is only used for the P2K users.
!EP/SS Transition
ePersonality uses new password generation techniques based on industry standards. Sophisticated security options are provided for clients who wish to tighten their security. However, for compatibility reasons, P2K password information may be kept in tact until clients no longer need to use P2K. If this is done, users will still be able to login to P2K and run certain P2K processes.
The first time an existing user logs in to any part of ePersonality, the accessor information will be automatically created for them verifying against the former P2K passwords. From them on, the new rules apply.
While users are working in ePersonality - Professional or Self Service - all of the new security restrictions will apply. Even though some of the former P2K information is still shown on the ePersonality screens, the new security is driven entirely from the Accessor information and Access Rules described earlier.
P2K itself is unchanged.
Clients should use the “P2K and EP” validation method in their access rules for now so the P2K information is not lost. This will give them the ability to use either system.
It is advisable for clients to assign passwords for a given accessor type through one system, preferably [{$applicationname}].