Force strong passwords

You can improve the security of Profit by forcing users to use a strong password.

A strong password has a minimum length of eight characters, and does not contain any (part of) the user name or e-mail address of the user. For example: a user called Martin Sommer cannot use $omm1234Q as a password. A strong password contains at least one character from three of the four groups: Upper-case letters (A-Z), lower-case letters (a-z), numbers (0-9) and special characters (such as ! @ # $ %).

Contents

Description

You can determine in the CLE whether you want to use strong passwords. We recommend always enabling this option. In AFAS Online this option is mandatory, so you cannot disable it.

The use of strong passwords applies in the following situations:

  • You are using application authentication.

    For this type of authentication you record the user names and passwords in Profit. For Windows authentication this is not the case, you can then use the user names and passwords of the operating system.

  • You are using Windows authentication

    Checking for strong passwords does not apply to regular users (your employees), but it does if you have selected at least one of the following fields in the properties of the user: Portal, Connector, Command line or Backup copies from command line.

    This practice this means, among other things, that you must always enter a strong password for a command line user. If it is not set correctly, your command lines cannot be executed. Set the use of strong passwords in Profit for the command line user and check all the command lines.

    Checking for a strong password also applies to OutSite.

    Checking for strong passwords also applies to InSite if the InSite site is linked to a virtual path that is set to use the 'Profit' authentication method. With this authentication method, the user must log on with a Profit user name and password.

Profit Small Business

Checking for strong passwords does not apply to Profit Small Business. It is, however, possible for an accountant to restore a Profit Small Business environment to an Profit Accountancy Lite installation. If checking for strong passwords applies to the Profit Accountancy Lite installation, Profit can also apply it to the restored Profit Small Business environment. If you open the Profit Small Business environment and use a weak password, Profit immediately asks you to set a strong password.

Procedure

Also see

Directly to

  1. Authorisation
  2. Enforce strong passwords
  3. Configure authorisation groups
  4. Configure users
  5. Authorisation methods
  6. Authorisation in combination with Profit CRM
  7. Authorisation in combination with Profit HR
  8. Authorisation per administration
  9. per administration
  10. Authorisation management