2020-03-04 User Management Meeting Notes

 Card Sorts

 All

•  RA-SIG agreed with giving the card-sorts some weight back in October. People didn’t have test environments then, now more and more of them do and can weigh in. There’s agreement on most things but not the order.

• Question about whether to hide the Custom Fields accordion option if a site isn’t using Custom Fields.

• RA-SIG will be finished reviewing the accordion sort spreadsheet Thursday. Need their input before moving forward.

Deleting custom fields

All

• https://folio-org.atlassian.net/browse/UIU-1492

• Jana: Would like to see another window pop-up to confirm deletion of custom fields. There’s a concern of losing a lot of data accidentally with two quick clicks or pressing Enter. Maybe there should be a checkbox to confirm deletion of all custom data in the field. Should be in a modal box as well.

• Maura - make sure it’s also locked down as a restricted permission too - maybe even down to 2 individuals

• Question about what “Deleting” actually really does behind the scenes.

• Patty will talk to Khalilah about adding these features.

Password complexity

Patty

•  https://folio-org.atlassian.net/browse/MODPWD-32  

• Desire to enforce prevention of "trivial" (easily-guessed or well-known) passwords

• Question about whether UM should own this - a security-focused SIG or group maybe, in response to the security audit?

•  

  • Patty will raise this at today’s PO meeting

• Multifactor should be recommended (Phil)

• The password list should be extensible, to add lists from external sources

• Discussion of relevance for single-sign-on institutions