This topic explains how to set up High Security Passwords for the appropriate users. Any user with access to credit card numbers should be set up to use High Security Passwords.
By default, "SYSTEM" is the user ID that will function as the Password Administrator for High Security Passwords. This user ID does not require any additional setup; however, make sure you do not activate High Security Passwords for the SYSTEM user ID (in other words, do NOT follow the instructions below for "SYSTEM.")
Decide which users will use High Security Passwords (excluding "System" which is designated as the Security Administrator).
Note: if you need to set up a brand new user, see the setup topics for Role-Based Security or Terminal-Based Security. Then follow this procedure to activate High Security Passwords for the new user.
Click Misc and select 4-Add/Delete/Change User. Then select 3-Change a User. (Note: you can also access the Add/Delete/Change User option from the Misc menu of Security Maintenance.)
Select the appropriate store, and click OK. Then select the appropriate user and click OK. The Change a User dialog displays.
In the High Security Passwords field, enter Y.
In the Password field, enter a new password.
The new password cannot be blank, must be at least 7 characters in length, must contain at least 1 alphabetic and 1 numeric character, and cannot be the same as the last 4 passwords used.
In the "Check Pswd at POS" field, select Y.
Click OK.
Repeat steps 3-8 to activate High Security Passwords for other users.
From the Options Configuration window, click GoTo, and select Security Maintenance. In the Security Maintenance window, assign security bit 41 "Allow password to be changed within Signon application" to all users for whom you activated High Security Passwords.
When using the High Security Passwords feature, Epicor recommends that you modify the settings for the following options in Options Configuration:
Option 520 "Terminal's Special Security" should be set to O, P, or S for all terminals; N is not recommended.
Option 500 "Terminal's Default User " should be set for all terminals to a user that has the High Security Passwords field set to N.
Two Eagle Alerts are used for the High Security Passwords feature: "User locked out" and "User password expiration warning." The "User password expiration warning" can be set to force the user to change their password at the next login. See the topic "Setting Up Eagle Alerts User Profiles" for more information on setting up the appropriate users to receive these alerts.