HiFinance
4
SECTION
7.1.4 - PASSWORDS
USAGE: To change passwords and other user attributes.
DISCUSSION: HiFinance contains a
high-level security password system. Each user must log-in under their assigned
user-code.
Each user-code
has an associated password. This password is encrypted
by HiFinance via non-reversible algorithm and stored on disk along with its
respective user-code. Both items must be known before the user may
successful log-in to HiFinance. Each user may change their password, and are in
fact encouraged to do so, to maintain security. The audit trail prints the user-code
on each line so that it is possible to track any entry back to a specific
user as well as the time and date that it was created. Furthermore, each time a
user logs-on or logs-off, an entry is made in the audit trail. This gives the system
supervisor an overview of computer usage, even for the users who
have logged-in without entering any transactions or modifications, eg. just
enquiries.
HiFinance creates a special USER-CODE. This is the
supervisory, or top-level, log-in code. It always has the name SUPERVISOR. Only SUPERVISOR may create, deleted or,
modify user-codes. Once a user has been assigned a code, they may change their
own password. SUPERVISOR can change anyone's
password, as well as its own. SUPERVISOR also has facilities to
allow or disallow access to any menu option for any user, accept SUPERVISOR itself. SUPERVISOR always has access to all
facilities.
SUPERVISOR has absolute discretion to
change and rearrange facilities on the system. It is thus imperative to keep SUPERVISOR's password secret. It is also necessary to change
it regularly if you suspect that it is known and is being used by unauthorised
personnel.
There are no facilities to change or recover SUPERVISOR's password if it has been forgotten.
It is recommended that you always use HiFinance via
a user-code
other than SUPERVISOR. Keep the supervisory log-in for special system
maintenance only and keep SUPERVISOR's password in a safe place,
in case it is forgotten.
The PASSWORD MAINTENANCE option is
accessed by pressing 3 on the SYSTEM PARAMETERS MENU.
CHANGING
YOUR PASSWORD
Upon choosing this option you will first be asked
for your existing password. This stops unauthorised persons from changing your
password if you forget to log-off when you leave your terminal. The screen will
display as follows:
Note that at no stage will the password be display.
All that ever appears is a string of asterisks. This stops anyone else seeing
your password over your shoulder. However, it also means that you must enter
your password blind. If your password
requires upper- and lower-case characters, enter it carefully, otherwise it
will be rejected. If you do not enter the correct password (including case) you
will be returned to the SYSTEM OPTIONS MENU.
Having entered your current password, if you are not
SUPERVISOR, you will be asked to enter
your new password. As a check, the computer will ask you to re-enter your new
password. The screen looks as follows:
Once you have entered, and verified, the new
password, the files are updated. Your new password becomes effective
immediately.
Changing passwords as SUPERVISOR.
As with other user-codes, SUPERVISOR is first asked for its existing password. This
precaution is vital in case you have already logged-in and have left your
terminal unattended. Any unauthorised person attempting to use the password
routine would then be blocked because they would not know SUPERVISORS's password.
Having entered SUPERVISOR's password, the screen will ask two questions. The
screen will appear as follows:
If you answer Y to the first question, the
computer will ask:
Enter the user-code of the user whose password you
wish to change. As SUPERVISOR, you do not need to know
the user's existing password. (This is very useful if the user has forgotten
their password or you wish to temporarily lock out a user.) The computer will
then ask you to enter and confirm the new password. After this you will be
returned to the SYSTEM UTILITIES MENU.
If you had entered N to
both questions (above) you will be able to change SUPERVISOR's password. The procedure is the same as for any
other user, see above.
Maintaining user attributes
This facility only exists if you log-in as SUPERVISOR. To enter the function, you must answer Y to the second question, above. You will be transferred to the USER MAINTENANCE program where the
first thing you will be asked for is a user-code. This is the user-code of the
user you wish to set attributes for. It must not be SUPERVISOR itself as the supervisor always has all options
available. If you enter a user-code that does not currently exits, you will be
asked if you wish to create the new user. When you create a new code, you will
need to also supply an initial password, eg. PASS.
The user can then change their password to one they might prefer, if required.
A user-code can be any string of
letters and/or numbers in upper- or lower-case. The user-code may be up to 10
characters long. It must not contain embedded spaces or start with a space.
A password can be any string of up to
8 characters. The password cannot be left blank but may include embedded
spaces. For maximum security, passwords should ideally be at least 5 characters
long and be a mixture of upper- and lower-case letters, and numbers. Passwords
should not be your date-of-birth, a person’s name spelt forwards or backwards,
etc. as these can be guessed easily. To protect sensitive information,
passwords should be changed regularly. Note that HiFinance has the facility to
make passwords case-insensitive.
This defeats the security aspect of the password system somewhat but makes the
system more compatible with the feel
of DOS or NOVELL, which always ignore case. Case-sensitivity is not
user-definable, that is, your installation must be set-up in the desired
configuration, from the start, by your dealer.
If you require assistance with this facility,
contact your dealer for advice. The concept of security and passwords is not
intuitive.
If you are creating a new user, the program will ask
you if you wish to duplicate an existing user. If you answer Y, HiFinance will copy all the permissions and attributes from the
existing user across to the new user. This is particularly useful if you are
setting-up a series of user-codes with similar attributes, eg. for a series of
accounts personnel or Secretaries.
The screen now appears as follows:
Note that the current user-code is displayed at the
top of the screen.
You are now in the DISPLAY MODE. In this mode you can move around the menu structure.
This program mimics the menu program in that all the menu options appear, but
unlike the real menu program, pressing a number will not actually initiate the
option. Instead, the program displays the menu and also displays a Y or N against each option. Those
that have an N, are not available to the
current user.
To exit from this screen, press <ESC>. The user will have been created and any attributes
set will become effective immediately.
If you wish to delete this user press <F3>. This will completely delete the user from the
system. Make sure that the user is not currently logged-on. Once a user-code is
deleted, the user will not have access to HiFinance. The user can only be
reinstated by totally recreating their code.
Setting User Options
The first step to customising a user’s attributes is
to set-up the options for the user. Press <F4>. The following questions
will be asked:
ASK
TO PRINT AUDIT-TRAIL ON EXIT? .............. (Y+/N-) [ ]
This question is only relevant if you have chosen to
print the audit trail, SECTION 7.1.2. New
users are flagged with an N here. This means that, by
default, they will not be offered the opportunity to print the audit trail when
they exit the MAIN MENU. It will
still possible for such a user to print the audit trail via the UTILITIES MENU unless you separately
lock out this option from them. To be asked for the audit trail print on exit,
enter Y here. Usually, only senior
operators will be given the option to print the audit trail.
SUPPRESS
BEEP IN AUTO-SEARCH? .................. (Y+/N-) [ ]
Before HiFinance goes into an auto-search it beeps
to warn you that you have not entered a correct code. (Auto-search can be
turned on or off in the SYSTEM OPTIONS,
see SECTION 7.1.2.)
Some users find this beep useful and some find it annoying. You can choose here
whether an individual user will get a beep or not.
SUPPRESS
BEEP IN WARNINGS? ..................... (Y+/N-) [ ]
Certain conditions cause HiFinance to display a
warning message. Most of these also cause the computer to beep. Some users find
this beep useful and some find it annoying. You can choose here whether an
individual user will get a beep or not.
SUPPRESS
BEEP IN ERRORS? ....................... (Y+/N-) [ ]
Certain conditions cause HiFinance to display an
error message. Most of these also cause the computer to beep. Some users find
this beep useful and some find it annoying. You can choose here whether an
individual user will get a beep or not.
ALLOW
THIS USER TO INITIATE AUTO-JOURNALS? ..... (Y+/N-) [ ]
At the beginning of the day, HiFinance checks to see
if there are any auto-journals to be applied. This is checked once a day by the
first user to log in, if that user is SUPERVISOR
or if the current option is set to Y
for that user.
There is a delay while HiFinance is checking for auto-journals. This delay
might confuse certain users, so the option is set to N by default. Then you can set it to Y for any of your more senior
employees or just leave it till you log in as SUPERVISOR.
ALLOW
SUPERVISOR OVERRIDE RIGHTS? .............. (Y+/N-) [ ]
There are certain functions that can only be entered
by SUPERVISOR. These include,
overriding stop-payments, re-initialising last-journal dates, etc. You can also
allow other trusted employees the right to enter these functions if you reply Y here. Note that only SUPERVISOR
can update this field so SUPERVISOR
still has ultimate control.
ALLOW
THIS USER TO UPDATE NOTES IN ENQUIRIES? .. (Y+/N-) [ ]
Normally, Debtor, Creditor, etc. notes can only be
updated in the MODIFY option. If you
also wish to allow updates in ENQUIRIES,
enter Y here. Note that this can be
set user-by-user and that the SUPERVISOR
automatically has this feature enabled.
LIMITED
ACCESS TO DEBTORS FOR THIS USER? ....... (Y+/N-) [ ]
Normally, if you allow a user access to Debtor
enquiries, they have all rights to see all the information. This is acceptable
in most office environments. However, if you allow remote access to HiFinance,
or if you wish to limit some of your staff from seeing sales information, enter
Y here. If you enter Y the
user will not be able to press <F3> for print, or <F10> for graphs. They will still have access to amounts
outstanding, etc. Note that this can be set user-by-user and that the SUPERVISOR automatically has this
feature disabled.
LIMITED
ACCESS TO INVENTORY FOR THIS USER? ....(Y+/N-/A) [ ]
Normally, if you allow a user access to Inventory
enquiries, they have all rights to see all the information. This is acceptable
in an office environment. However, if you have packing staff, etc. who should
have limited access to this information, enter Y or A here. The A option only removes the
purchase price information (so that the user cannot calculate the margin) and
the print function (for the same reason). The Y option
is harsher. It is specifically designed for warehousing situations where you
wish to show a minimum of information. When the user accesses the MODIFY or ENQUIRY option, a special version of the program will be initiated
rather than the normal one. Note that this can be set user-by-user and that the
SUPERVISOR automatically has this
feature disabled.
LIMIT
INVOICING TO SUNDRY FOR THIS USER? ....... (Y+/N-) [ ]
This is a special function that limits the use of
this user-code for sundry debtors (i.e. cash sales). If you are using HiFinance
in a retail situation, you may have terminals that are never used for anything
else but cash sales (as distinct from those used for cash and some corporate debtors).
If you enter a Y here, the user will (upon entering Invoicing or Credit-notes)
be only able to access the Debtor called SUNDRY. Other functions can still be
accessed so it may still be necessary to disable certain functions (eg
reporting) manually.
SUPPRESS
LAST-PURCHASE-PRICE DISPLAY? .......... (Y+/N-) [ ]
This option is only valid if the
corresponding question in SYSTEM DEFAULTS (See SECTION
7.1.2) is set to A. If you have done this,
then the display of the last-purchase-price (in invoicing) is controlled by
this option and can be set on a user-by-user basis. Note that SUPERVISOR always
has this option set to Y.
SUPPRESS
COS-OF-SALES DISPLAY? ................. (Y+/N-) [ ]
This option is similar to the LIMITED ACCESS option, above. It is, however, less drastic. It
only suppresses the purchase prices, value-on-hand and cost-of-sales
information. This option is normally used for sales staff that need all pricing
information but should be allowed to view costing information. Note that this
option only affects INVENTORY ENQUIRIES. If you wish suppress
information elsewhere, access to the actual programs (eg reports, etc) can be
suppressed (see below).
DEFAULT
LOCATION (ZERO => USE MASTER CONTROL FILE) ... [ ]
This option is only relevant for site that use the
multi-location option. Single location sites should leave this field as zero.
For Multi-location sites, you can set a global default location number that
will be picked up in Invoicing and Sales Orders. (See SECTION
7.1.2) However, you can choose to enter a number here, which will
over-ride this default for the current USER only. If you leave the field as
zero, HiFinance will use the global default.
DEFAULT
BANK (ZERO => USE MASTER CONTROL FILE) ... [ ]
This option is only relevant if you are using the
multi-bank options. It is basically used for point-of-sale sites that wish to
attach a specific user to a bank. This way, individual users (shops) can
separate their banking without having to remember which bank number to enter.
If you leave this field blank, the default bank (from GENERAL LEDGER CONTROL
FILES (see SECTION 7.5.2) will take effect.
COMPANY
DETAILS CODE FOR SUNDRY DEBTOR PROCESSING .... [999]
This option is only relevant for site that use the
multi-location option. Single location sites should leave this field as zero.
For Multi-location sites, HiFinance automatically appends the number you put in
this field to the Sundry Debtor Code. Eg if you enter 002, HiFinance will automatically change SUNDRY
to SUNDRY002. This is used to separate
Sundry Debtors, in multi-location installations, for sales and enquiries. Note
that SUPERVISOR effectively always has 001 in this field.
To exit from this screen, press <F10>. If you press <ESC> instead, you will also
leave this screen, but no update will have occurred.
Locking out an option
You may move around in display mode until you
display a screen that contains functions that you wish to lock out. Pressing <F2>. This will change you into the EDIT MODE. In this mode you are able to change the user's access to
the displayed menu options.
The screen will appear as follows:
The options are:
Y+/N- Each option has a yes/no switch on the same line. To
make the option available choose Y, otherwise choose N. Note that if you choose to lock-out an option which is itself a menu
option, the entire branch of the menu becomes unavailable to the user. Eg.
locking out DEBTOR REPORTS will
lock-out all ledger reports. If you wish to lock-out only some
reports, enable DEBTOR REPORTS and
then choose DEBTOR REPORTS in DISPLAY MODE, and finally, choose which
particular reports you wish to lock-out.
<F4> This will make all options on this screen available
to the user. Any locked options will be unlocked.
<F5> This will make all options on this screen
unavailable to the user. All options will be tagged as locked.
<F10> This will save your changes and return you to the display
mode.
<ESC> This will abort any changes you have made and return
you to the display mode.
If you wish to lock all options for a whole menu,
eg. all report options for DETOR transactions, it is more
efficient to lock the option on the previous menu. This will also have the
effect of not allowing the user to display the locked menu.
Leaving the User Maintenance Option
Having created the user, their options and
permissions, press <ESC> in display mode until you
have returned to the ENTER USER-CODE question. From here you may
either enter another user-code or press <ESC> to be returned to the SYSTEM UTILITIES MENU.