User security
My user security wishlist would be:
* users to be able to change their own passwords / administrator to be able to force user to change password at next log on
* the ability to force passwords to expire (coupled with users being able to change their own passwords) after x days / y failed log-in attempts
* the ability to lock access down to specific IP address ranges / a bit of fuzzy intelligence to alert the administrator when the account appears to be accessed from a suspect IP (thinking here of venues who are on fixed or very stable IP address ranges)
* possibly an additional layer of security, such as asking the user to enter selected characters chosen at random from a secret phrase (which would help if a PC had become infected with a keystroke monitoring virus)
* certain functions cashier, such as refunds, allocation of complimentary tickets to sit behind an additional level of security - like an override security code to temporarily elevate the cashier security privileges
Comments
Hi Mark,
Thanks for the suggestions, food for thought that we'll certainly consider.
Conor
Another wish: active directory / AzureAD user authentication.
Please sign in to leave a comment.