General

The Company Setup/Maintenance allows the user to specify the login security and criteria for all users in the Company database. The Company Maintenance screen consists of 5 options that are listed below.

Minimum Password Length	Indicates the minimum number of characters required in a users password. If a user selects a password with fewer characters, they will receive a system error. They must select a password with at least the number of characters specified in this field. If you prefer that no minimum password length be required, then leave this field 0.
Number of Unique Passwords Required	Indicates the number of unique passwords required before a password can be reused. Passwords may not be re-used for the number of iterations specified here. If the number of unique passwords required is set to 3, then the password can only be re-used after 3 other unique passwords have been used. If left 0 for no minimum number of unique passwords required, the user may re-use their password each time it expires.
Days Before Requiring New Password	Indicates the number of days that should pass before passwords expire and the user is required to change their password. The current password set for the user will expire after the number of days specified here. At that time, MedSuite will prompt the user to enter a new password that meets the minimum length, minimum number of unique passwords required, and/or the strong password criteria setup by the Administrator. If left 0, there is no password expiration date and the user passwords will never expire.
Number of Failed Logins Before Lockout	Indicates the number of times a user can attempt to login before they are "locked out" of the system. The will be "locked out" of the system until a "Password Reset" or "Unlock User" is performed by an Administrator. If left 0, then there will be no user lockouts after failing to log in properly. Note: An Administrator can become "locked-out" due to reaching the number of failed logins before lockout. In this situation, only MedSuite can reset the Administrator's password.
Require Strong Passwords	Indicates that the system should require a password to contain at least one alpha (A-Z) and one numeric (0-9) character. The system will then prompt the user to enter a different password that contains this required criteria. The system will not allow the user to log in until a password meeting this criteria is entered. Leave the check box blank if you do not want the system to require that the user password contain at least one alpha (A-Z) and one numeric (0 -9) character.

The Security Log tracks a number of security events such as users who have becomed locked out, users who have changed their passwords, etc. and should be reviewed to monitor for any security breaches or violations.