1 / 9

April 5, 2012

An Integrated Workforce Solution for State/County. April 5, 2012. Special Characters in Passwords. What is changing? Restrict special characters allowed in user passwords Today there are no restrictions on the special characters used in passwords.

minh
Download Presentation

April 5, 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Integrated Workforce Solution for State/County April 5, 2012

  2. Special Characters in Passwords • What is changing? Restrict special characters allowed in user passwords • Today there are no restrictions on the special characters used in passwords. • OPC 187478 will restrict the use of special characters in passwords as a base change. The blue hint text next to the password will identify what characters are allowed. Allowable characters are ((!),(@),(#),($),(%),(^),(*),(.),(_)). • Why change? Ongoing security enhancements • Restrict malicious access: Special characters can be operators in the SQL database language. Injecting SQL statements into text boxes could allow hackers to alter or retrieve data. • Prevent “Cross Site Scripting”: Java script can be introduced into a site to re-direct a valid user to an imitation web site to obtain the user’s username and password. • Who is impacted? All VOS Users • Individuals, employers, staff, administrators, analysts and providers • This will NOT affect the community site or the OPC site • What functions are impacted? All password related functions • Registration • Reset password • Account retrieval process • Login of existing user with a “bad” character in the password • When will this change occur? Within the next two weeks Defining the Changes

  3. Walk through affected screens 1) Individual registration entry screen 2) Alert when invalid password is entered

  4. Walk through affected screens 3) Change password on general information tab

  5. Walk through affected screens 4) Screen for changing password and alert when invalid new password is entered

  6. Walk through affected screens 5) Account retrieval for individuals once information has been verified 6) Alert for invalid password

  7. Walk through affected screens 7) Log in existing user with restricted characters (example: password55&) 8) Alert for invalid Password entered (password8&)

  8. Walk through affected screens 9) Create new staff

  9. Questions & Answers ? Corporate Headquarters: 1001 Omaha Circle - Palm Harbor, FL 34683 Ph: 727-786-7955 – Fax: 727-786-5871 www.GeographicSolutions.com West Coast Office: 234 Capitol Street, Suite A – Salinas, CA 93901 Ph: 831-757-4400 – Fax: 831-757-4401

More Related