ACRE Consulting Academy logo ACRE Consulting Academy logo
Search

HIFIS System Administrator Training

Current Lesson
Course Content
Course Content
    •
      How to set up a cluster
      1:56
      How-To-Set-Up-A-Cluster 2022-11-16
    • How to merge clusters together
      1:04
      How-To-Merge-Clusters-Together 2022-11-16
    • Introduction to the user list
      3:57
      Introduction-To-User-List 2022-09-30 22
    • How to create a user account
      15:02
      Admin - Add User V59 2022-09-30 22
    • How to reset another user's password
      3:02
      How-To-Reset-Another-User-S-Password 2022-09-30 22
    • How to unlock a locked user account
      2:46
      How-To-Unlock-A-Locked-User-Account 2022-09-30 22
    • How to set up rights templates
      9:06
      How-To-Set-Up-Rights-Templates 2022-11-16
    • The five basic HIFIS 4 rights
      4:03
      The-Five-Basic-Rights 2022-11-16
    • How to set up and administer programs
      12:56
      Admin-Programs 2022-11-17
    • How to manage reports
      2:43
      Managing-Reports 2022-11-17
    • How to upload a custom report
      3:35
      Upload-A-Custom-Report 2022-11-17
    • How to deploy new reports from the marketplace
      3:48
      Report-Marketplace (1) 2022-11-17
    • Understanding the coordinated access module
      7:56
      Understanding-The-Coordinated-Access-Module 2022-11-09
    • How to set up rooms for the Admissions module
      4:25
      How-To-Set-Up-Rooms 2022-11-09
    • How to set up shelter beds
      4:50
      How-To-Set-Up-Shelter-Beds-1 2022-11-09
    • How to put beds into and out of service
      2:24
      How-To-Put-Beds-Into-And-Out-Of-Service 2022-11-09
    • Understanding the housing unit inventory
      5:49
      Understanding-The-Housing-Unit-Inventory 2022-11-11
    • How to add a housing unit to the inventory
      5:46
      How-To-Add-A-Housing-Unit-To-The-Inventory 2022-11-11
    • How to set up your food bank inventory
      4:39
      Food Bank - Inventory 2017
    • How to set up express goods templates
      3:12
      Goods Services - Express Goods Templates
    • How to set up express service templates
      2:55
      Goods Services - Express Service Templates
    • How to set up waiting lists
      2:32
      Waiting Lists - Manage 2017
    • How to manage options in drop-down menus
      10:13
      Admin-Lookup-Tables 2022-11-17
    • How to add and manage non-client, non-user people
      3:27
      People 2017
    • How to add and manage places
      9:16
      Admin-Places 2017
    • How to create and use questionnaires (surveys)
      7:03
      Questionnaires-Supervisors 2022-11-17
    • How to manage custom tables
      9:59
      Admin-Custom-Tables 2022-11-17
    • How to change the name of the custom tables tab
      1:06
      How-To-Change-The-Name-Of-The-Custom-Tables-Tab 2022-11-17
  • 0 / 13
    ⚙️ Settings
    • How to change consent settings
      4:55
      How-To-Change-Consent-Settings 2022-11-16
    • How to set up attestation
      4:19
      Setting-Up-Attestation 2022-11-16
    • Setting up your inactivity policy settings
      3:18
      Setting-Up-Your-Inactivity-Policy-Settings 2022-11-16
    • How to change housing history settings for a cluster
      3:50
      How-To-Change-Housing-History-Settings-For-A-Cluster 2022-11-16
    • What does the "enable sharing" option do
      4:30
      What-Does-The-Enable-Sharing-Option-Do 2022-11-16
    • How to change the data sharing settings related to client management
      6:08
      ACRE Consulting Sharing Service Information
    • How to set up your geographic region mapping
      8:13
      Geographic-Region-Mapping 2022-11-16
    • How to let youth also be family heads
      3:07
      How-To-Let-Youth-Also-Be-Family-Heads 2022-11-16
    • How to set up demographic visibility settings for your service provider
      6:45
      How-To-Set-Up-Demographic-Visibility-Settings-For-A-Service-Provider 2022-11-16
    • How to set up password rules in HIFIS
      4:38
      How-To-Set-Up-Password-Rules-In-Hifis 2022-11-16
    • How to set mandatory and disabled fields
      6:17
      How-To-Set-Mandatory-And-Disabled-Fields 2022-11-16
    • What is a housing continuum and how do I edit it?
      9:20
      What-Is-A-Housing-Continuum-And-How-Do-I-Edit-It 2022-11-16
    • Some miscellaneous application settings
      4:50
      Some-Miscellaneous-Application-Settings 2022-11-16
    • How to use the HIFIS audit log
      4:37
      How-To-Use-The-Hifis-Audit-Log 2022-09-30 22
    • How to delete a service record from a client file
      3:05
      Admin - Client Service Delete V59 2022-09-30 22
    • How to merge two client files
      5:35
      Admin - Merge Two Files 59 2022-09-30 22
    • How to broadcast system-wide messages
      2:08
      Broadcast-Supervisors 2022-11-16

How to set up password rules in HIFIS

4:38
Hi there. This is Ali Ryder from ACRE Consulting, and this is a training video about setting up your password settings in HIFES. Now, unfortunately, there are sort of 2 halves to setting up your password settings. The first half is done by your database administrator or your IT support, and they actually need to modify the config file. That are on your server.
So this is not something that the HIFUS administrator like you can do. But once it has been set up and configured, then in the application settings, so that's administration application settings on the settings tab. Then there is some areas where you can make some changes related to the password settings in HIFUS. So 1 thing that you can do is specify a password age limit. So if it's set to 0, that means there is no limit.
But if you set it to something else like 30 days or 90 days, then what happens is every 30 or 90 days, whatever you set, the users will be prompted to set a new password in Hyphasis. Now, just for full disclosure, at the time that I'm recording this, there's nothing in force to actually make sure it is a new password. So they're just prompted to to create a password and save it, but it could be the same 1 again. So it's not the most secure of features. But that's what the password age limit does.
Now, this is something that you set up on your own as of the HIFUS administrator, and your IT your database administrator does not need to do anything with that. However, the password complexity is where your DBA comes in. So there is something in the web config file where they need to activate certain password requirements. So for example, if you said needs to have at least a number and 1 non alphanumeric character and it needs to be at least 8 characters long, then your DBA will need to set that, those rules up, but you can provide a message here and that is your help message to users if they try to create a password that does not meet the complexity requirements. So you could change this default text to say minimum of 8 characters and include 1 number and 1 non alpha numeric character.
So this is where you tell your users what the password rules are, but your DBA needs to actually set up those rules. The last setting on this screen that's relevant is this email link expiry. So when a user forgets their password. They can click on the forgot password button, and it'll send them an automatically generated link that will allow them to create a new password. This is also done on user account setup.
So when the user account is brand new, an email will get sent out to the user prompting them to set up a password. It'll contain a link and that link will expire after a certain amount of time. Here is where you can indicate how long before it expires. Now the default value here is 1, so they have 24 hours before the link stops working. Which is a really good safety feature.
But if we're talking about the immediate launch, it may be a good idea to temporarily increase this value when you're trying to onboard a lot of staff. And maybe not everyone is working on the same day, but you send out a bunch of emails on Monday. Some people might not get the email until Tuesday or Thursday. And so it may be temporarily a good idea to increase this to, oh, a value up to 4. That's the maximum.
I did not know that. I'm just learning it with you. Anyways, so this is your email link Spiry that has to do with resetting passwords and setting passwords for new accounts. Don't forget to save all of this. And then you have now set up most of your password settings in hi face.

There are two distinct places where some values can be changed:

Front-End

This can be configured by a HIFIS Administrator. If that describes you, here are the instructions you’ll need:

  1. Using the Administration Menu, click on Application Settings.

  2. In the Password Age Limit (days) field, enter the number of days after which users are prompted to change their password, or leave the field blank for no prompt.

  3. In the Email link expiry (days) field, enter the number of days a password recovery email link is valid for before it expires. In other words, when a user clicks the “Forgot Password” button and is emailed a new password, how long do they have to click the link in their email before the link expires?

  4. In the Password Complexity Help Message field, add in some text for users to let them know what the password complexity requirements are. However, you are just providing a message here; a DBA must modify the web.config file on your server to actually change the password complexity rules.

Back-End

This can be configured by your Database Administrator (DBA), or someone with access to make changes directly on the server. If that describes you, here are the instructions to modify these settings:

  1. Locate your Domain\web.config file (located in the Domain folder)

  2. Search for the string StandardMembershipProvider. The matching element should look something like this:

  3. <membership defaultProvider="StandardMembershipProvider"> <providers> <add name="StandardMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership>

  4. Replace the values you would like to change. In particular, the minRequiredPasswordLength and minRequiredNonalphanumericCharacters are likely the values you’ll be changing first!

Get access now