HiFinance 4


 

SECTION 7.1.4 - PASSWORDS

 

USAGE: To change passwords and other user attributes.

 

DISCUSSION: HiFinance contains a high-level security password system. Each user must log-in under their assigned user-code. Each user-code has an associated password. This password is encrypted by HiFinance via non-reversible algorithm and stored on disk along with its respective user-code. Both items must be known before the user may successful log-in to HiFinance. Each user may change their password, and are in fact encouraged to do so, to maintain security. The audit trail prints the user-code on each line so that it is possible to track any entry back to a specific user as well as the time and date that it was created. Furthermore, each time a user logs-on or logs-off, an entry is made in the audit trail. This gives the system supervisor an overview of computer usage, even for the users who have logged-in without entering any transactions or modifications, eg. just enquiries.

 

HiFinance creates a special USER-CODE. This is the supervisory, or top-level, log-in code. It always has the name SUPERVISOR. Only SUPERVISOR may create, deleted or, modify user-codes. Once a user has been assigned a code, they may change their own password. SUPERVISOR can change anyone's password, as well as its own. SUPERVISOR also has facilities to allow or disallow access to any menu option for any user, accept SUPERVISOR itself. SUPERVISOR always has access to all facilities.

 

SUPERVISOR has absolute discretion to change and rearrange facilities on the system. It is thus imperative to keep SUPERVISOR's password secret. It is also necessary to change it regularly if you suspect that it is known and is being used by unauthorised personnel.

 

There are no facilities to change or recover SUPERVISOR's password if it has been forgotten.

 

It is recommended that you always use HiFinance via a user-code other than SUPERVISOR. Keep the supervisory log-in for special system maintenance only and keep SUPERVISOR's password in a safe place, in case it is forgotten.

 

The PASSWORD MAINTENANCE option is accessed by pressing 3 on the SYSTEM PARAMETERS MENU.

 

CHANGING YOUR PASSWORD

 

Upon choosing this option you will first be asked for your existing password. This stops unauthorised persons from changing your password if you forget to log-off when you leave your terminal. The screen will display as follows:

 


 


Note that at no stage will the password be display. All that ever appears is a string of asterisks. This stops anyone else seeing your password over your shoulder. However, it also means that you must enter your password blind. If your password requires upper- and lower-case characters, enter it carefully, otherwise it will be rejected. If you do not enter the correct password (including case) you will be returned to the SYSTEM OPTIONS MENU.

 

Having entered your current password, if you are not SUPERVISOR, you will be asked to enter your new password. As a check, the computer will ask you to re-enter your new password. The screen looks as follows:

 


 


Once you have entered, and verified, the new password, the files are updated. Your new password becomes effective immediately.

 

Changing passwords as SUPERVISOR.

 

As with other user-codes, SUPERVISOR is first asked for its existing password. This precaution is vital in case you have already logged-in and have left your terminal unattended. Any unauthorised person attempting to use the password routine would then be blocked because they would not know SUPERVISORS's password.

 

Having entered SUPERVISOR's password, the screen will ask two questions. The screen will appear as follows:

 


 


If you answer Y to the first question, the computer will ask:

 


 


Enter the user-code of the user whose password you wish to change. As SUPERVISOR, you do not need to know the user's existing password. (This is very useful if the user has forgotten their password or you wish to temporarily lock out a user.) The computer will then ask you to enter and confirm the new password. After this you will be returned to the SYSTEM UTILITIES MENU.

 

If you had entered N to both questions (above) you will be able to change SUPERVISOR's password. The procedure is the same as for any other user, see above.

 

Maintaining user attributes

 

This facility only exists if you log-in as SUPERVISOR. To enter the function, you must answer Y to the second question, above. You will be transferred to the USER MAINTENANCE program where the first thing you will be asked for is a user-code. This is the user-code of the user you wish to set attributes for. It must not be SUPERVISOR itself as the supervisor always has all options available. If you enter a user-code that does not currently exits, you will be asked if you wish to create the new user. When you create a new code, you will need to also supply an initial password, eg. PASS. The user can then change their password to one they might prefer, if required.

 

A user-code can be any string of letters and/or numbers in upper- or lower-case. The user-code may be up to 10 characters long. It must not contain embedded spaces or start with a space.

 

A password can be any string of up to 8 characters. The password cannot be left blank but may include embedded spaces. For maximum security, passwords should ideally be at least 5 characters long and be a mixture of upper- and lower-case letters, and numbers. Passwords should not be your date-of-birth, a person’s name spelt forwards or backwards, etc. as these can be guessed easily. To protect sensitive information, passwords should be changed regularly. Note that HiFinance has the facility to make passwords case-insensitive. This defeats the security aspect of the password system somewhat but makes the system more compatible with the feel of DOS or NOVELL, which always ignore case. Case-sensitivity is not user-definable, that is, your installation must be set-up in the desired configuration, from the start, by your dealer.

 

If you require assistance with this facility, contact your dealer for advice. The concept of security and passwords is not intuitive.

 

If you are creating a new user, the program will ask you if you wish to duplicate an existing user. If you answer Y, HiFinance will copy all the permissions and attributes from the existing user across to the new user. This is particularly useful if you are setting-up a series of user-codes with similar attributes, eg. for a series of accounts personnel or Secretaries.

 

The screen now appears as follows:

 


 


Note that the current user-code is displayed at the top of the screen.

 

You are now in the DISPLAY MODE. In this mode you can move around the menu structure. This program mimics the menu program in that all the menu options appear, but unlike the real menu program, pressing a number will not actually initiate the option. Instead, the program displays the menu and also displays a Y or N against each option. Those that have an N, are not available to the current user.

 

To exit from this screen, press <ESC>. The user will have been created and any attributes set will become effective immediately.

 

DELETING A USER

 

If you wish to delete this user press <F3>. This will completely delete the user from the system. Make sure that the user is not currently logged-on. Once a user-code is deleted, the user will not have access to HiFinance. The user can only be reinstated by totally recreating their code.

 

Setting User Options

 

The first step to customising a user’s attributes is to set-up the options for the user. Press <F4>. The following questions will be asked:

 

ASK TO PRINT AUDIT-TRAIL ON EXIT? .............. (Y+/N-) [ ]

 

This question is only relevant if you have chosen to print the audit trail, SECTION 7.1.2. New users are flagged with an N here. This means that, by default, they will not be offered the opportunity to print the audit trail when they exit the MAIN MENU. It will still possible for such a user to print the audit trail via the UTILITIES MENU unless you separately lock out this option from them. To be asked for the audit trail print on exit, enter Y here. Usually, only senior operators will be given the option to print the audit trail.

 

SUPPRESS BEEP IN AUTO-SEARCH? .................. (Y+/N-) [ ]

 

Before HiFinance goes into an auto-search it beeps to warn you that you have not entered a correct code. (Auto-search can be turned on or off in the SYSTEM OPTIONS, see SECTION 7.1.2.) Some users find this beep useful and some find it annoying. You can choose here whether an individual user will get a beep or not.

 

SUPPRESS BEEP IN WARNINGS? ..................... (Y+/N-) [ ]

 

Certain conditions cause HiFinance to display a warning message. Most of these also cause the computer to beep. Some users find this beep useful and some find it annoying. You can choose here whether an individual user will get a beep or not.

 

SUPPRESS BEEP IN ERRORS? ....................... (Y+/N-) [ ]

 

Certain conditions cause HiFinance to display an error message. Most of these also cause the computer to beep. Some users find this beep useful and some find it annoying. You can choose here whether an individual user will get a beep or not.

 

ALLOW THIS USER TO INITIATE AUTO-JOURNALS? ..... (Y+/N-) [ ]

 

At the beginning of the day, HiFinance checks to see if there are any auto-journals to be applied. This is checked once a day by the first user to log in, if that user is SUPERVISOR or if the current option is set to Y for that user. There is a delay while HiFinance is checking for auto-journals. This delay might confuse certain users, so the option is set to N by default. Then you can set it to Y for any of your more senior employees or just leave it till you log in as SUPERVISOR.

 

ALLOW SUPERVISOR OVERRIDE RIGHTS? .............. (Y+/N-) [ ]

 

There are certain functions that can only be entered by SUPERVISOR. These include, overriding stop-payments, re-initialising last-journal dates, etc. You can also allow other trusted employees the right to enter these functions if you reply Y here. Note that only SUPERVISOR can update this field so SUPERVISOR still has ultimate control.

 

ALLOW THIS USER TO UPDATE NOTES IN ENQUIRIES? .. (Y+/N-) [ ]

 

Normally, Debtor, Creditor, etc. notes can only be updated in the MODIFY option. If you also wish to allow updates in ENQUIRIES, enter Y here. Note that this can be set user-by-user and that the SUPERVISOR automatically has this feature enabled.

 

LIMITED ACCESS TO DEBTORS FOR THIS USER? ....... (Y+/N-) [ ]

 

Normally, if you allow a user access to Debtor enquiries, they have all rights to see all the information. This is acceptable in most office environments. However, if you allow remote access to HiFinance, or if you wish to limit some of your staff from seeing sales information, enter Y here. If you enter Y the user will not be able to press <F3> for print, or <F10> for graphs. They will still have access to amounts outstanding, etc. Note that this can be set user-by-user and that the SUPERVISOR automatically has this feature disabled.

 

LIMITED ACCESS TO INVENTORY FOR THIS USER? ....(Y+/N-/A) [ ]

 

Normally, if you allow a user access to Inventory enquiries, they have all rights to see all the information. This is acceptable in an office environment. However, if you have packing staff, etc. who should have limited access to this information, enter Y or A here. The A option only removes the purchase price information (so that the user cannot calculate the margin) and the print function (for the same reason). The Y option is harsher. It is specifically designed for warehousing situations where you wish to show a minimum of information. When the user accesses the MODIFY or ENQUIRY option, a special version of the program will be initiated rather than the normal one. Note that this can be set user-by-user and that the SUPERVISOR automatically has this feature disabled.

 

LIMIT INVOICING TO SUNDRY FOR THIS USER? ....... (Y+/N-) [ ]

 

This is a special function that limits the use of this user-code for sundry debtors (i.e. cash sales). If you are using HiFinance in a retail situation, you may have terminals that are never used for anything else but cash sales (as distinct from those used for cash and some corporate debtors). If you enter a Y here, the user will (upon entering Invoicing or Credit-notes) be only able to access the Debtor called SUNDRY. Other functions can still be accessed so it may still be necessary to disable certain functions (eg reporting) manually.

 

SUPPRESS LAST-PURCHASE-PRICE DISPLAY? .......... (Y+/N-) [ ]

 

This option is only valid if the corresponding question in SYSTEM DEFAULTS (See SECTION 7.1.2) is set to A. If you have done this, then the display of the last-purchase-price (in invoicing) is controlled by this option and can be set on a user-by-user basis. Note that SUPERVISOR always has this option set to Y.

 

SUPPRESS COS-OF-SALES DISPLAY? ................. (Y+/N-) [ ]

 

This option is similar to the LIMITED ACCESS option, above. It is, however, less drastic. It only suppresses the purchase prices, value-on-hand and cost-of-sales information. This option is normally used for sales staff that need all pricing information but should be allowed to view costing information. Note that this option only affects INVENTORY ENQUIRIES. If you wish suppress information elsewhere, access to the actual programs (eg reports, etc) can be suppressed (see below).

 

DEFAULT LOCATION (ZERO => USE MASTER CONTROL FILE) ... [   ]

 

This option is only relevant for site that use the multi-location option. Single location sites should leave this field as zero. For Multi-location sites, you can set a global default location number that will be picked up in Invoicing and Sales Orders. (See SECTION 7.1.2) However, you can choose to enter a number here, which will over-ride this default for the current USER only. If you leave the field as zero, HiFinance will use the global default.

 

DEFAULT BANK (ZERO => USE MASTER CONTROL FILE) ... [       ]

 

This option is only relevant if you are using the multi-bank options. It is basically used for point-of-sale sites that wish to attach a specific user to a bank. This way, individual users (shops) can separate their banking without having to remember which bank number to enter. If you leave this field blank, the default bank (from GENERAL LEDGER CONTROL FILES (see SECTION 7.5.2) will take effect.

 

COMPANY DETAILS CODE FOR SUNDRY DEBTOR PROCESSING .... [999]

 

This option is only relevant for site that use the multi-location option. Single location sites should leave this field as zero. For Multi-location sites, HiFinance automatically appends the number you put in this field to the Sundry Debtor Code. Eg if you enter 002, HiFinance will automatically change SUNDRY to SUNDRY002. This is used to separate Sundry Debtors, in multi-location installations, for sales and enquiries. Note that SUPERVISOR effectively always has 001 in this field.

 

To exit from this screen, press <F10>. If you press <ESC> instead, you will also leave this screen, but no update will have occurred.

 

Locking out an option

 

You may move around in display mode until you display a screen that contains functions that you wish to lock out. Pressing <F2>. This will change you into the EDIT MODE. In this mode you are able to change the user's access to the displayed menu options.

 

The screen will appear as follows:

 


 


The options are:

 

Y+/N-      Each option has a yes/no switch on the same line. To make the option available choose Y, otherwise choose N. Note that if you choose to lock-out an option which is itself a menu option, the entire branch of the menu becomes unavailable to the user. Eg. locking out DEBTOR REPORTS will lock-out all ledger reports. If you wish to lock-out only some reports, enable DEBTOR REPORTS and then choose DEBTOR REPORTS in DISPLAY MODE, and finally, choose which particular reports you wish to lock-out.

 

<F4>       This will make all options on this screen available to the user. Any locked options will be unlocked.

 

<F5>       This will make all options on this screen unavailable to the user. All options will be tagged as locked.

 

<F10>      This will save your changes and return you to the display mode.

 

<ESC>      This will abort any changes you have made and return you to the display mode.

 

If you wish to lock all options for a whole menu, eg. all report options for DETOR transactions, it is more efficient to lock the option on the previous menu. This will also have the effect of not allowing the user to display the locked menu.

 

Leaving the User Maintenance Option

 

Having created the user, their options and permissions, press <ESC> in display mode until you have returned to the ENTER USER-CODE question. From here you may either enter another user-code or press <ESC> to be returned to the SYSTEM UTILITIES MENU.

Return to Table of Contents  Return to Table of Contents