This Configuration panel gives practices more options for password and workstation access security, in accordance with ADHA recommendations for the current version of Electronic Prescribing.
For information on granting and restricting access to features within Bp Premier, see User Permissions.
NOTE Bp Premier enforces case sensitivity for user passwords, regardless of whether or not strong password complexity is enabled
In this article:
Set password and access security
- Log in as a user with the Configuration permission set to 'Allow access'.
- Select Setup > Configuration from the main menu, and select the Security tab.
- Configure the following options to suit your practice. Tick an option and update the value to enable that setting.
- One uppercase letter
- One lowercase letter
- One symbol (such as the Shift+number keyboard characters)
- One digit character
- Click Save.
|
Field |
Description |
|---|---|
|
Minimum password length |
Minimum number of characters to be a valid password. The default is six characters. The maximum password length is always 20 characters. |
|
User lockout threshold |
Number of failed login attempts before the account is locked for the amount of time specified in 'User lockout wait period'. |
|
User lockout wait period |
Number of seconds before a user who is locked out can reattempt login. |
|
Maximum password age |
Number of days the same password can be used before Bp Premier will force the user to update their password. |
|
Password reuse interval |
Number of days before a user can reuse the same password, between 1 and 999 days. |
|
User inactivity timeout (electronic prescribing only) |
Number of minutes with no interaction from mouse or keyboard before Bp Premier will prevent a user from sending electronic prescriptions. Users will need to revalidate their Bp Premier password to send an electronic prescription. The re-login must be from the locked-out user. |
|
Strong password complexity |
Enforces 'strong' password complexity for all user accounts. NOTE Bp Premier enforces case sensitivity for user passwords, regardless of whether or not strong password complexity is enabled A complex password must contain at least one each of the following characters: |
When do I need to update my password?
If a password security setting is ticked and enabled and configuration saved, if a user's password does not meet the security requirements when they next log in, the user will be asked to create a new password that conforms to the new setting.
If the minimum password length is updated, users will be asked to conform to the new password length the next time they change their password, not next login.
Communicating changes
Users with passwords that do not meet the length and complexity criteria will not be able to log in until their password has been updated to the new standard. Ahead of the change, Best Practice Software recommend the following:
- Update your practice's policy for workstation access to include standards for password length and complexity.
- Communicate to your staff that password security has been introduced and provide a 'grace period' opportunity for all staff to update their passwords, for example, to meet minimum length and to contain at least one symbol and digit character.
You may find RACGP resources on information security useful in setting up your practice policies.
You may wish to use the internal messaging function to communicate any changes to password security. Remember that users will not see this message until after they have successfully logged in.
Set passwords for new users
The Force password change on next login check box has been added to the New user and User details screens, and is ticked by default in the New user screen. When Force password change on next login is ticked, the user will be required to change their password when they next log into Bp Premier.
See Add or update a user for more information.
Enhancements for User Security in File > Change User
In Bp Premier version Spectra, enhancements to user security have been implemented in File > Change User. The functionality for File > Change User has been revised to operate in the same manner as File > Log off.
When the User navigates to File > Change User, the current User will be fully logged out. To access Bp Premier, the User must re-enter their password, or a new user can be selected. Clicking the Cancel button on the Login screen will result in the closure of Bp Premier.
Related topics
Last updated: 14 October 2024.
AU 