/
2020-03-04 User Management Meeting Notes

2020-03-04 User Management Meeting Notes

Owned by Philip Robinson
Last updated: Mar 04, 2020

Date

Attendees

Goals

  • Review card-sorts / accordion items
  • Discuss UI confirmation of deleting custom fields
  • Discuss password complexity rules

Discussion items

TimeItemWhoNotes

 Card Sorts All
  •  RA-SIG agreed with giving the card-sorts some weight back in October. People didn’t have test environments then, now more and more of them do and can weigh in. There’s agreement on most things but not the order.
  • Question about whether to hide the Custom Fields accordion option if a site isn’t using Custom Fields.
  • RA-SIG will be finished reviewing the accordion sort spreadsheet Thursday. Need their input before moving forward.

Deleting custom fieldsAll
  • https://folio-org.atlassian.net/browse/UIU-1492
  • Jana: Would like to see another window pop-up to confirm deletion of custom fields. There’s a concern of losing a lot of data accidentally with two quick clicks or pressing Enter. Maybe there should be a checkbox to confirm deletion of all custom data in the field. Should be in a modal box as well.
  • Maura - make sure it’s also locked down as a restricted permission too - maybe even down to 2 individuals
  • Question about what “Deleting” actually really does behind the scenes.
  • Patty will talk to Khalilah about adding these features.

Password complexityPatty
  •  https://folio-org.atlassian.net/browse/MODPWD-32  
  • Desire to enforce prevention of "trivial" (easily-guessed or well-known) passwords
  • Question about whether UM should own this - a security-focused SIG or group maybe, in response to the security audit?
    • Patty will raise this at today’s PO meeting
  • Multifactor should be recommended (Phil)
  • The password list should be extensible, to add lists from external sources
  • Discussion of relevance for single-sign-on institutions


Action items

  •