MyView Security
Enables you to define system parameters specific to security in MyView.
To access this window, enter fast path HR97S8 and select User Control > Web Applications > MyView > Security.
Login Parameters
Transparent Mode
Select this check box if MyView is configured to run in transparent mode from an Intranet. When this check box is selected, MyView is accessed via a different uniform resource locator (URL) which contains the employee number. This URL allows MyView to transparently log in using the employee number to identify the user, without the need for a username and password. The URL used when in transparent mode is not encrypted, therefore, transparent mode should be used with extreme caution due to the security implications.
ⓘ Only fields that are relevant to transparent mode are enabled in the following sections when you select the Transparent Mode check box.
Parameters
If running in transparent mode, window in to this field to configure the parameters for transparent mode.
Username Label
Enter the label displayed for the Username field which is displayed on the initial MyView page.
Password Label
Enter the label displayed for the Password field which is displayed on the initial MyView page.
Maximum Resets
ⓘ We recommend setting this to 3.
Enter the maximum number of password and security question answer resets that are permitted by the employee, for example, for a forgotten password. Once this number of resets has been exceeded, the employee's account is locked, and can only be unlocked via General MyView Parameters.
Logout After Reset
Select this check box if you want an employee automatically logged out when either their password or security question answers are reset. They will then have to log back in using their new credentials. If this check box is cleared, an employee remains logged in when their password or answers are changed.
Number Of Invalid Logon Attempts
ⓘ We recommend setting this to 3.
Enter the maximum number of invalid login attempts permitted before the employee's account is suspended. For example, if you enter 3, the employee can make three invalid attempts to login without being suspended. However, a fourth invalid attempt would suspend their account.
Reset Password After
ⓘ Do not force regular password expiry. This has been part of the guidance from NCSC for several years now. We recommend setting a password expiry period of at least 365 days, ideally longer.
Enter the number of days that an employee's password is valid. Once this number of days has passed, the employee's password expires and they must change their password.
Warn Before Password Expires
ⓘ We recommend setting this to 7 days.
Enter the number of days that a user must be warned by MyView before their password expires.
Employee Security
Prevent Concurrent Logins
ⓘ We recommend selecting this check box.
Select this check box to prevent a user from having concurrent logins to MyView. If selected, when a user logs in, any existing sessions for that user will be ended.
Restrict to Current Employees Only
Select this check box to restrict access to MyView to current employees only. When an employee attempts to log in, their employee record is checked for an end date to ensure they are a current employee.
We don’t provide a recommendation for this check box as it is linked to whether you allow access for leavers, as explained in the Days Access for Leavers field.
Secure Bank Details
ⓘ We recommend selecting this check box.
Select this check box if you want bank account numbers displayed in MyView to be displayed with the first four digits obscured as asterisks, followed by the last four digits of the account number for increased security. For example, the bank account number 12345678 would be displayed as ****5678 if this check box was selected. This affects the Bank Details and Expense Bank Details personal forms, and the MyTeam Bank Details and Split Net Pay forms.
Days Access for Leavers
ⓘ If you use this field, we recommend setting the value as low as possible for your situation. Never leave this value as indefinite.
Enter the number of days after a termination date that a leaver will be able to access MyView. Additionally, if MyView passwords are reset, leavers will be sent the update email message if they are within this period of days from their termination date.
ⓘ If the Restrict to Current Employees Only check box is selected, the Days Access for Leavers field will be cleared and disabled.
Additional Session Ended Text
Enter a message up to 80 characters in length that will be displayed on the MyView session ended page after the standard session ended text. This can be additional information for users, for example, Please contact the help desk for assistance.
Session Timeout
ⓘ We recommend setting this to 10 minutes. Generally, we advise making this as short as is practicably possible, and no more than 30 minutes.
Enter the number of minutes (up to a maximum of 99) after which an inactive MyView Dashboard user session will be terminated. If blank, a default value of 30 minutes (with a two minute warning) will be applied. If set to 0, inactive sessions will not be automatically terminated.
Session Timeout Warning
Enter the number of minutes before the session timeout that a user will be given a warning message within MyView Dashboard regarding the timeout. This value must be less than the Session Timeout field value. If the Session Timeout field has a value and this field is blank, no warning will be given.
ⓘ We don’t provide a recommendation for this field value as this is a business decision for your organisation as to whether this is required.
Azure AD Secret
Enter the password used to authenticate the request to access your Azure Active Directory (Azure AD) environment. This is generated within your tenant when registering the application for Single Sign-On (SSO).
You can also request that Zellis sets Azure AD SSO to expire the browser cookie immediately once used. In this case, once the user logs out and the browser is closed, the user must re-authenticate when logging back in.
Buttons
Login Method
Select this button to display ResourceLink Web Framework - Login Method, where you can select the method of authentication you want to use when logging in to MyView.
Password Config
Select this button to display MyView Password Configuration, where you can define the format of the passwords used in MyView.
Intranet Security
Select this button to display MyView Intranet Security, where you can specify your organisation’s Intranet IP addresses, which are used to determine the required security profile when an employee logs in to MyView.
MFA Configuration
Select this button to display Multi-Factor Authentication Configuration, where you can define properties related to Multi-factor Authentication of MyView logins.
Select this button to display MyView Security Email Configuration, where you can define properties related to security emails.
MD97G9