Security Enhancements

When dealing with a large number of employees and users in any system, the risks of various abuses are fairly high. This is why our development team made extra security enhancements that come along with the latest version of our workforce management software.

Apart from the certificate change and some coding improvements that are not visible to end users, here is a list of visible changes that will make any potential abuse next to impossible:

• The system now requires all users to use strong passwords
• The system now requires users to enter the existing password in order to change it to a new one
• After 10 unsuccessful login attempts, the system will now block the user for 30 minutes

Strong passwords

When creating a password for an account in our employee schedule maker, a user is now required to enter a minimum of 6 characters, to use at least one CAPS letter, at least one number and at least one symbol (e.g. %$@!). With such an improved password policy, hacking of accounts is no longer possible.

Entering the existing password when changing it to a new one

This improvement aims to prevent any kind of abuse for those employees or administrators working from corporate offices. How easy would it be for another coworker to approach his colleague’s work station and change his password while that person is not looking – just for pranking purposes? Now, that’s impossible. When trying to change the account password, the system also requires each user to enter the existing password in order to set the new one.

Brute force hacking prevention

In order to prevent any kind of so-called “brute force” login attempts with dictionary hacking scripts trying to guess any user’s password over and over until they succeed, our engineering and development teams implemented a limit for the number of unsuccessful login attempts. If any user tries to login to the system with at least 10 or more unsuccessful attempts, the system will automatically prevent any further attempts for the period of 30 minutes.

Karin Jakovljevic

About the author

Karin Jakovljevic

Karin Jakovljevic is the head of marketing at Ximble, a powerful, cloud-based workforce management system, simplifying employee scheduling and time tracking for retailers, restaurants and small businesses.

Success Stories

Case Study: Property Management

Discover how Ximble helped Armstrong Property Management optimize scheduling, improve time tracking, and integrate with existing software.

Case Study: Urgent Care

Read how Montefiore needed a user friendly employee self-management solution that supported multiple locations and integrations.

Case Study: Restaurant

How did Rudy’s Pub & Grill tackle managing multiple locations over multiple devices, while increasing employee access to shift availability?

Case Study: Customer Services

Effectively scheduling a global workforce across multiple time zones with ease requires a dynamic approach. So how did Ximble help Touch Support?

Try Ximble for 14 days free

No credit card required. Cancel any time.

close close
close close