User security

My user security wishlist would be:

* users to be able to change their own passwords / administrator to be able to force user to change password at next log on

* the ability to force passwords to expire (coupled with users being able to change their own passwords) after x days / y failed log-in attempts

* the ability to lock access down to specific IP address ranges / a bit of fuzzy intelligence to alert the administrator when the account appears to be accessed from a suspect IP (thinking here of venues who are on fixed or very stable IP address ranges)

* possibly an additional layer of security, such as asking the user to enter selected characters chosen at random from a secret phrase (which would help if a PC had become infected with a keystroke monitoring virus)

* certain functions cashier, such as refunds, allocation of complimentary tickets to sit behind an additional level of security - like an override security code to temporarily elevate the cashier security privileges

4

Comments

2 comments
Date Votes
  • Hi Mark,

    Thanks for the suggestions, food for thought that we'll certainly consider.

    Conor

    0
  • Another wish: active directory / AzureAD user authentication.

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post