User PIN Policy Wizard
The User PIN policy allows you to define PIN security requirements when creating or modifying a User PIN. In SirsiDynix Symphony, a PIN serves the function of a password and may contain any combination of letters, numbers, or other permitted characters; the PIN is not limited to numbers only.
From the List Policies window, you can create, display, modify, or remove User PIN policies.
These policies are used when SirsiDynix Symphony has been configured to use the Policy PINs feature. If this feature is configured, the user PIN will be auto-generated according to the rules in the User PIN policies when a user record is created in either of the following ways:
| • | A user record is created through WorkFlows client |
| • | A user record is created using the Load Users report, and the input file does not contain a PIN |
Alternatively, if a PIN is manually entered, it must meet the requirements set in the corresponding User PIN policy. For more information about manually changing PINs after a given User PIN policy has been defined, see User PIN Change Gadget.
The user PIN policy only affects PINs that are created or changed after the policy is established. PINs created before you established the policy will continue to function as they are.
To use policy PINs, contact SirsiDynix Customer Support and request the Policy PINs feature.
If there are no User PIN policies in the system and the Policy PINs feature has been enabled, SirsiDynix Symphony uses an internal default policy with the following specifications:
|
Attribute |
Value |
|
User PIN Minimum Length |
4 |
|
User PIN Maximum Length |
25 |
|
User PIN Minimum Number of Lower Case Characters |
0 |
|
User PIN Minimum Number of Upper Case Characters |
0 |
|
User PIN Minimum Number of Numeric Characters |
0 |
|
User PIN Minimum Number of Special Characters |
0 |
|
Securely store the PIN |
Not enabled |
|
Number of Days PIN is Valid |
25000 (UNLIMITED) |
|
Number of Days Before PIN Expires to Warn User |
0 |
|
Number of Days to Allow Users to Change Their PIN After Expiration |
25000 (UNLIMITED) |
|
Number of Previous PINs to Check for Uniqueness Against New PIN |
0 |
Attributes
The User PIN Policy wizard displays the following attributes:
| • | Name |
| • | Description |
| • | User PIN Minimum Length |
| • | User PIN Maximum Length |
| • | User PIN Minimum Number of Lower Case Characters |
| • | User PIN Minimum Number of Upper Case Characters |
| • | User PIN Minimum Number of Numeric Characters |
| • | User PIN Minimum Number of Special Characters |
| • | Securely Store the PIN |
| • | Number of Days PIN is Valid |
| • | Number of Days Before PIN Expires to Warn User |
| • | Number of Days to Allow Users to Change Their PIN After Expiration |
| • | Number of Previous PINs to Check for Uniqueness Against New PIN |
This attribute uniquely identifies the policy. This name is ten characters or fewer, and may not include spaces or punctuation, except for dash (-), underscore (_), and dollar sign ($). Additionally, the pipe character (|) may not be used.
This attribute provides more information about the policy and its use by the library. The description may be up to 60 characters in length. Although the Description attribute may contain spaces and punctuation, the pipe character (|) cannot be used.
This attribute allows you to specify the minimum length of the user PIN. The minimum value for this field is 1. The maximum value for this field is 25.
This attribute allows you to specify the maximum length of the user PIN. The minimum value for this field is 1. The maximum value for this field is 25.
User PIN Minimum Number of Lower Case Characters
This attribute specifies the minimum number of lowercase characters (a-z) that must be present in a user PIN in order for it to be considered valid. The minimum value for this field is 0. The maximum value for this field is 25.
User PIN Minimum Number of Upper Case Characters
This attribute specifies the minimum number of uppercase characters (A-Z) that must be present in a user PIN in order for it to be considered valid. The minimum value for this field is 0. The maximum value for this field is 25.
User PIN Minimum Number of Numeric Characters
This attribute specifies the minimum number of numeric characters (0-9) that must be present in a user PIN in order for it to be considered valid. The minimum value for this field is 0. The maximum value for this field is 25.
User PIN Minimum Number of Special Characters
This attribute specifies the minimum number of special characters (!,@#$%&*+()_-?) that must be present in a user PIN in order for it to be considered valid. The minimum value for this field is 0. The maximum value for this field is 25.
This attribute specifies whether or not SirsiDynix Symphony should store user PINs securely in the SirsiDynix Symphony database. If this attribute is enabled, SirsiDynix Symphony saves the PIN in cryptographic storage.
Note: Enabling this attribute does not automatically change the non-secure format of existing PINs to the secure format. To switch existing user PINs to a secure format, use the Secure User PINs Report.
Note: This attribute is not available to SirsiDynix Symphony systems that use an ISAM database.
This attribute specifies the number of days since the date of its creation that a user's PIN is able to grant access to the user's account. Once this number of days has been surpassed, the user's PIN expires and the user needs a new PIN.
Number of Days Before PIN Expires to Warn User
This attribute specifies the number of days before a PIN's expiration that SirsiDynix Symphony warns the user about their PIN's upcoming expiration. Symphony shows this warning when the user logs in to WorkFlows, SirsiDynix SymphonyWeb, and SirsiDynix e-Library. Once the PIN has expired, a dialog offers the user an opportunity to change their PIN.
A value of 0 in this field indicates that SirsiDynix Symphony will not show a warning concerning a PIN's upcoming expiration.
Number of Days to Allow Users to Change Their PIN After Expiration
This attribute specifies the number of days after a user's PIN expires that the user is able to access their account as well as change their PIN themselves in SirsiDynix e-Library (if your library has enabled this feature). When this number of days is surpassed, the user needs to ask a librarian for help with accessing their account.
Number of Previous PINs to Check for Uniqueness Against New PIN
This attribute specifies the number of a user's previous PINs SirsiDynix Symphony checks for the uniqueness of the user's new PIN. For example, if the number in this field is 5, Symphony checks the user's previous five PINs to ensure the new PIN doesn't match any of those PINs.
Important: This attribute only functions if the Securely Store the PIN attribute has been enabled.
Save
Saves your changes to the PIN policy and closes the wizard.
Cancel
Closes the User PIN Policy wizard without saving changes.
Support for SirsiDynix Symphony PIN expiration and modification through other SirsiDynix products (such as, for example, Web Services for Symphony, MobileCirc, and SirsiDynix Enterprise) is anticipated for future SirsiDynix product releases.
Related topics
Access Control Configuration Wizards