Answer

Beginning with MIP V2020.2 numerous security ehancements have been added to help our customers keep their fund accounting program and data safe. The following is a summary of those changes. 

 

Password is required and no longer an optional feature If you previously had no password configured for MIP, you will now be required to have one that meets the requirements stated below.  

The following password complexity rules must be met:
  •     Password should contain at least one upper case, one lower case and one digit. 
  •     The minimum length of the password field is between 8 and 14 characters.  
  •     The maximum password length is 100 characters. 
  •     There are no restrictions on the special characters. (Previously this was restricted). 
  •     You cannot have spaces at the beginning or end of the password, but you can in the middle. 
     
For organizations that haven't set the password minimum length in the past, the upgrade will set them up to 8 characters. If they already have a value setup, the upgrade will not alter it. 

MIP will require the users to change their password after a defined number of days. Through the System Preferences screen in the MIP Product, the organization can configure the number of days after which the password reset will occur. In the previous versions, the maximum value that the product was allowing was 999 days. In this release, it is changing the maximum value to 365 days. The minimum value that is allowed is still 1 day. If the organization hasn't configured this value in the past, the 2020.2 upgrade process defaults this value to 90 days. If the value was over 365, then it will be set to 365.

Password History Management - The program now maintains a history of passwords used and will not allow the current password to be the same as the last six passwords used. 


HR Management - For organizations that own the HR Management module, the above changes will apply. HR Users will be prompted to reset their password in HR or MIP depending on which application they log into first. 

Employee Web Services - For organizations that own EWS, employee passwords will not be updated and do not fall under this same security changes mentioned above. However, during the EWS upgrade to V2020.2, the EWS user in SQL will need to have a password reset to meet existing SQL user requirements. 

Scheduler Module - Organizations that use the Scheduler module will need to have those users reset their passwords on first use following the upgrade.   

Rest API - Rest API users will be notified that their password has expired and needs to be reset.

DrillPoint Reports - DrillPoint user accounts will not be updated and do not fall under the same security changes mentioned above. However, during the DrillPoint upgrade to V2020.2, the SQL user credentials used to connect DrillPoint to the MIP Database will need to be entered. In previous versions this was only required on Advance installs. 

FR50 Application - Organizations that own both MIP and FR50 and use the import feature will be prompted to have the import user reset their password. 

NOTE: These changes do not apply with Windows Authentication enabled. The changes above apply to customers using MIP Product Authentication.
 
Article Type
Product Info
Product Line
MIP Fund Accounting
Product Module/Feature
-None-
Product Version
2020.2
Ranking
No votes yet