User Administration
Click here to see this page in full context

 User Administration - Cheat Sheet

Summary

This sheet provides information on user administration and password policies.

Details

 

Password Complexity Requirements

Passwords must meet the following complexity requirements:

 

- Not contain the user's account name or parts of the user's full name that exceed two consecutive characters.

- Be at least 12 characters in length.

- Contain characters from 3 of the following 4 categories:

+ English uppercase characters (A through Z).

+ English lowercase characters (a through z).

+ Base 10 digits (0 through 9).

+ Non-alphabetic characters (for example, !, $, #, %).

How long until a password expires?

Passwords will expire 42 days after they have been created/reset.

Why do passwords expire?

The reason password expiration policies exist, is to mitigate the problems that would occur if an attacker acquired the password to your system. These policies also help minimise some of the risk associated with other users accessing your login.

Why should you create individual users rather than one practice login?

All financial and clinical transactions performed in Merlin are audited by user login. This allows practices to analyse data entry. Auditing serves business purposes as varied as lost transaction recovery, fraud detection, disaster recovery and regulatory compliance.

 

In addition, if individual logins are used, practices can benefit from the system's user roles functionality.

 

Warning

If shared logins are used, passwords can be changed on expiration by any user. If the password change is not communicated around the practice, users will not be able to login.

 

It is not recommended to send passwords via email, or to store passwords in plain text on computers. Our recommendation is to setup individual logins for each individual within the business.

Renewing an expired Password

a) Select 'Ok'.

b) Enter a new password (Password must meet complexity requirements).

c) Confirm your new password.

d) Select 'Change'.

e) A notification will display 'Your password has been changed. Login with your new password to continue'.

f) Login with your new credentials.

Resetting a user's password

To perform this task, your user will require the user roles: 'Security - Edit User' and 'Security - Change User Password'.

If you do not have these user roles assigned, you will receive a system notification message to advise your Practice's system administrator who will have the relevant user roles to complete the task on your behalf.

 

To reset your user or another user's password:

 

a) Select Administration from the top menu.

b) Navigate to System > Security.

c) Select the relevant username from the list.

d) Select the 'Edit' button

e) Tick the 'Password' checkbox.

f) The password field will become active. Enter your new password.

g) Re-enter a new password, if you want the user to change this password upon their first login, see step H. If not, proceed to step I.

h) Select the checkbox 'Change at Login'.

i) If you know the user's old password, enter it into the 'Enter old password to confirm' field and proceed to step L.

j) If you do not know the user's old password, tick 'Admin User Override'.

k) Select 'OK' and enter your username and password.

l) Select 'OK'.

m) A notification should display stating 'User successfully updated'.

 

Copyright © 2013-2021

MWI Animal Health, an AmerisourceBergen Company