We’re shortly going to be adding some new features to Refernet and this means that the way in which you interact with certain areas of the system is going to change.
Two-factor authentication is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. First, a user will enter their username and a password. Then, instead of immediately gaining access, they will be required to provide another piece of information.
When this option is enabled by the administrator on your system, all users will be opted-in to this additional login check via a code sent to a mobile device. If a user does not enter a mobile number, then Two-factor authentication will not trigger on login. If a user has entered a mobile number then it will trigger upon login. This functionality works in the same way for Administrator access.
Passwords provide the first line of defence against unintentional access to your system and information contained within. The stronger your password, the more protected your system will be from unauthorised access.
We’re making sure that all your users will now start to use strong passwords. This means that passwords – moving forward – will need to be a minimum of 9 characters, contain letters (uppercase and lowercase), numbers and a special character (eg: exclamation point). This means that the use of bruteforce or dictionary based attacks will be severely limited.
To reset or change a password, we now require the user to enter their username, and then Refernet will generate an email to the email associated with that username which contains a one-time-use link. This will take the user to a page where they can enter a new strong password. Once the user is validated, Refernet will securely allow the user to create a new password.
New User – Usernames
As Administrator, you will need to personally supply all new users with their Username that you create.
You can safely do this via email or telephone. This is to make the process more secure, by keeping usernames and password invitations completely separate.
File upload and checking
File upload is becoming a more and more essential part of Refernet. Any files that fall outside of our checks will be denied upload. Files that are uploaded to Refernet undergo scanning for any potential virus’.
In conjunction with content-type validation, Refernet will validate the file’s signature against the expected file that should be received. This will help Refernet to fend off bogus and malicious files in a way to keep the system and the users safe.
Top page intro wording
Your Agency description copy, on the Refernet top page, is now ‘plain text’ only and will need to be revised. Please login as administrator and go to ‘System’ > ‘System Details’ and edit this under ‘System welcome text’.
We advise you to copy and save your existing wording before the upgrade.