Introduction
BusinessCraft provides a range of system security options to ensure that access to the system can be controlled to meet industry standards including ISO27001.
Separate Security Setup guides provide details on all aspects of Security Setup within BusinessCraft including Companies, Groups, Access Levels, Profiles, Remote Users, Workstations, Connections, License Viewer, Registry, Emailing, Saved Reports Purge, Printers, Audit, Menus, Help, Menu Setup Mode and Supervisor Options. This guide explains Users within Security Setup in BusinessCraft.
Please note that access to Security Setup can only be accessed by the Supervisor user login or by a user with access to the Security Setup menu.
The Supervisor user login is a special login created when BusinessCraft is installed with a default password that is encrypted in the QSHSYS file using the Password-Based Key Derivation Function (PBKDF). The default password can be changed in Security Setup > General > Supervisor Options.
Passwords must be at least 6 characters long and contain characters from at least 3 of the following 4 Categories: Uppercase, Lowercase, Number and/or Symbol. User login passwords are also encrypted in the QSHSYS file using the Password-Based Key Derivation Function (PBKDF)
Users
Users define the user logins available to access the BusinessCraft system. To access Users, in the Navigator go to Security Setup > General > Users and the Users Maintenance screen is displayed:
| User Code | A 12-character alphanumeric code used to login to BusinessCraft. |
| Full Name | A 30-character field for the user’s name. |
| User Initials | Enter/select the User’s Initials that identify the user. Users are set up in Miscellaneous > Users > User Names. If the User Initials entered do not exist, a prompt to create a User on the fly appears. |
| User Type | Indicates whether the user login is a standard user login (blank) or a remote user (R). |
| Sort Code |
Optionally enter/select a User Sort Code for reporting purposes. User Sort Codes are created in the User Sort Codes screen (Security Setup > General > User Sort Codes) |
| Requires Password | Indicates whether the user login must enter a password to login (Y), or that the user login password has expired and a new password is required at next login (E), or that the password has been cleared and is in the process of being reset with a Password Reset Token (T) or the user login does not require a password to login (N). |
| Default Module Code | No longer in use. To be removed in a future version. |
| Network User Name | Information only at present. May be used in future. |
| Email Address | The Email Address for the user login. Currently used to email a Password Reset Token when either the Forgot Password or Reset Password option is used. |
| Active | Indicates whether the user login is Active (Y) or not (N). |
| Date Deactivated | When the Active flag is set to N for a User Login, the Date Deactivated defaults to the system date but can be changed if required. |
| Tmp Token Expires | When either the Forgot Password or Reset Password option is used, the Password Reset Token created is set to expire in 3 hours from the time it was created and is recorded in this field. |
| Updated By | The User ID that made the last change to the User Login including a Date and Time Stamp of when the change was made. |
| Created By | The User ID that created the User Login including a Date and Time Stamp of when the User Login was created. |
Groups (F5)
Groups are used to quickly create access for user logins on a repetitive basis. Groups are used to determine which modules, datasets and printers can be accessed by user logins belonging to that group. Access Levels are used to define module specific access and are linked to groups. Groups are also used to provide specific Menu and Toolbar access if required.
| Group | Enter/select a Group to which this user login belongs. User logins can belong to multiple Groups. |
| Full Name | The Group Name is displayed. |
| Cons Role | A display only field that is no longer used and will be removed in a future version. |
Terminals (F6)
No longer used. To be removed in a future version.
Enter Pwd (F7)
Provides the option to create a new password for the user from within this screen. After activating the function key, a prompt is provided to enter the new password, followed by a second prompt to re-enter the password. After entering the new password a second time correctly, the password for the user login is changed.
Reset Pwd (F8)
Used to clear the user login’s existing password and create a Password Reset Token so that the user can reset their password. After activating the function key, a prompt is provided advising the process that is about to commence:
If the option to proceed is chosen, the existing user login password is cleared, the Password State is for the user login is changed to T and the Tmp Token Expires field date and time is set.
The Password Reset token screen is displayed providing options to generate a new token, copy the token to the clipboard or email the token to the email address for the user login.
The user will need the Password Reset Token to log into BusinessCraft as when they attempt to login, they will be presented with the Reset Token screen instead of the usual login screen:
If the user does not have a token, they can click the Resend Token link, which will email a new token to the email address for the user login.
After entering a valid token and clicking the Validate button, and provided the token is correct for the User Login, the user will then be prompted to create their new password and then login.
Revision 2
7th November 2018