We're bringing a number of significant security improvements to the Insight platform, giving you even greater confidence in the safety of your data.
Users frequently re-use passwords, which means that if one site is compromised and passwords are stolen, then the hacker potentially has access to numerous other sites where the same password was used.
Multi-factor authentication significantly reduces the risks associated with this because in order to log in, we check something you know (a password) and something you have (a device). A hacker may have your password, but they cannot log in without being able to enter the 6-digit code generated by your smartphone or another device.
Sorry, your browser is unable to play this type of file.
You can still download it
Multi-factor authentication will be off by default so there will be no changes for your users unless you choose to enable it, which we highly recommend. To do this, go to the main settings area of your site (cog icon in the left column), head to Site Configuration, and then under 'Login Security' you'll see a range of new options. Set 'Multi-factor authentication for Web Office logins' to Mandatory, and the next time any of your admins log in to the Web Office they will need to set up multi-factor authentication.
What app do I need?
Google Authenticator is the easiest to set up. You can get this from the usual app stores for Android or iOS. If you don't have a smartphone, you can use Authy
which is available for Windows, Mac and other platforms, or any other TOTP (Time-based One Time Password) app. If you like, you can also allow your users (either globally or individually) to receive codes by SMS, but SMS messages are charged to your monthly bill on a pay-as-you-go basis. The global setting is in Site Configuration (as above) or you can make changes for individuals on their user record.
Up until now, when a user needs their password reset, we've sent them a new random password in an email, with the expectation they'd then change it for something memorable. Of course, many don't get round to changing it, and end up having to do another reset the next time they want to log in. In any case, the practice of sending plain text passwords in emails has become frowned on for obvious reasons.
Now, when a user needs a password reset, they will be sent a secure link by email which they can use to set their own password. This link will last for only a few hours (2 hours if they request it themselves, 24 hours if it's sent by an admin) and can only be used once.
When someone registers (or is registered by an admin) on a site for the first time, they will get the same link in the welcome email which will enable them to set their password, if they didn't already set one when they registered.
Please note, these changes may mean that you need to edit some of your system mailing templates
We have also added a task on the user record which will allow an admin to set a user's password directly. We recommend using this only as a last resort if they are unable to set their own password.
All sites are now required to use the 'Medium' password strength as a minimum. Any sites previously using 'Lowest' or 'Low' have been moved to 'Medium', and any users whose passwords don't meet the new criteria will be forced to change them the next time they log in.
If you increase your site's password strength yourself, again, anyone who isn't using a strong enough password will be forced to change it.
We've also added a small new requirement to the 'Highest' password strength so that a non-alphanumeric character (e.g. a punctuation mark) is required in the password. If you're using this setting, then anyone whose password doesn't have the necessary characters will be forced to change it.
Note that we store passwords in a way that even we cannot see what they are, and so the only time we can tell if someone's password isn't secure enough is when they enter it on the login screen.
Log in with your email address
To make it easier for folks to remember their logins, you can now log in using your email address instead of your login name, if you prefer.
For people who share email addresses (usually members of the same family) this may mean that when they come to log in there is more than one possible matching account. If this is the case they can choose which account they want to log in to, after entering their credentials.
Account console in the Web Office
Up until now, most 'account' related things have been done in My Area. But we know that many of you spend most of your time in the Web Office, and since some of the new security features just apply to the Web Office, we've made a new console to bring these things together. Head to the person icon in the bottom left corner of the Web Office. From there, you will be able to change your password, set up multi-factor authentication, and see where your account has recently been used. You'll also have the option there to log out of all other sessions
if anything doesn't look right.
Log in with a Google domain account
This feature is aimed at those of you who use GSuite for your staff, and who mainly have staff logging into the Web Office. Your staff can use their Google logins (on your domain) to log in to the Web Office.
Again, head to the Site Configuration page to set this up. You'll need to get a Client ID from Google – and there are instructions next to the settings on how to do this.
Note that once you are logged in using this method, your Google and Insight login sessions are independent – logging out of one will not log you out of the other so you will need to log out of both accounts separately.
Improvements in the article editor
Up until now, when adding a link or an image, you'd then have to click the 'Browse' button to find something from your site. Since most people want to go straight there (and some people don't even spot the button!) we now open the browser straight away without the additional click.
When clicking a link, you often want the link to open in a new tab – particularly if it's a link that might take you off the site in the middle of something you're reading. Previously, to do that you had to go to another tab in the link dialog, and choose from some complicated options which probably only made sense to those of you who are a bit more technical. To make this simpler we've moved everything into the one tab, cut down the options and labelled them in plain English.
Browsers blocking previews
We'd often find that browsers block the pop-up that opens when you preview an article. Now, when this happens you'll get a message on the screen to explain what's happened and a link to click which will reliably open the preview.
Prompt to make this article the group homepage
When creating the first article in a group, you almost always want to make it the 'homepage' article for that group – the article that will be displayed when the group is selected in the dropdown menus.
To help with this, when saving an article we now prompt you to make it the homepage article for the group (and publish it) if the group doesn't yet have a homepage article.
We've improved the behaviour of the automatically generated titles when you first create an article – sometimes you would get a lot more text in there than you bargained for!
When picking a link to go in an article you'd sometimes get an annoying double scroll bar in the popup. We've fixed this.
Other improvements and bug fixes
We're always looking for ways to make things better and we fix bugs as quickly as we can after they are discovered. This time we've ironed out the following issues:
We've improved the display of some dates in Resources so that they now include the day of the week.
In a shop basket, you can now add up to 9999 of the same item.
After importing donations, in some places in the system the date of the import was shown instead of the date of the donation. We've fixed this.
In a keyed payment import, we've made it much quicker to search by a custom field (such as a Gift Aid envelope number).
In payment group settings, if you chose to enable logins for new registrants, a bug (now fixed) meant that you couldn't select 'Mandatory (always show) for the email address.
A payment page would give an error if an offline payment method (e.g. cheque/cash) was selected.
When creating a keyed payment import, it was a bit too easy to accidentally finish and lock the import before having a chance to double-check everything was correct. We now show a confirmation popup before completing the import.
When creating a new Gift Aid claim, you can now build up your claim with groups of donations by filtering available donations by day, month, year, name, donation type or amount and clicking the select all checkbox.
When creating a payment import or Gift Aid claim, you can now see running totals for the selected donations to help with cross-checking.
When choosing groups to share custom fields with, payment group option groups were wrongly appearing in the list of available groups - now removed.
When adding a new profile editor module to an article or template, it wasn't possible to pick custom fields for logged-in account holders.
The media player module would error for non-logged in users when showing the latest item from a group.
If you set an article list module to display its output based on the value of a custom field you'd get an error if the custom field wasn't set.
We've updated some rather outdated instructions in the RSS feed.
We now no longer include title in the default set of columns for matching for a user merge - often this isn't populated and so reduced the chances of successful matches.
In a user merge the heading for each user now shows the date the record was last modified which often helps in determining which contains the most up to date information.
When images are returned in query results (e.g. shop item images or user profile images) we've restricted the size of these so that they don't overflow the available space.
In a query for payment group registrations, you can now get the Gift Aid declaration status applicable to the registration.
When adding events to rotas and to the main calendar we've made sure the scroll position is remembered to that you can add more events in the same place without having to find again where you were.
If you're not logged in when you click the link from a rota reminder email you'd get an error. You're now correctly redirected to the login screen.
It wasn't always possible to open saved or draft mailings in Safari on the iPad.
In a mailing you can now add superscript (like this) and subscript (like this).
Some characters in filenames which are allowed in non-Windows operating systems such as '<' would prevent media files being uploaded. We now strip out any illegal characters making it possible to upload these files.
We've made some error text a bit more prominent so that if, for example, someone misses a field when editing their profile, it's a bit more obvious what's been missed.
When editing permissions on a user record you'd get a superfluous 'are you sure you want to leave?' pop-up. While we were fixing this we've made a few usability improvements on this tab.
If you're on the summary tab of a user record when you delete the record (via Tasks) you'd see an error screen even though the user had been deleted successfully.
Admins with custom field editor permission, but not 'edit members details' permission were not able to access the custom fields tab of the user record.
If someone unsubscribes from emails for your whole site (i.e. they are unsubscribing from all mailing channels) then we also withdraw consent for any consent questions which have mailing channels. However, in this situation we were not sending the notification to admins who were set up to receive a notification of consent changes. This is fixed now.
We've fixed the display of a few tables that weren't looking good on small mobile screens.
The home phone number field was blank in PDF address books in the compact view when grouped by families.
The PDF export icon didn't work on the Attendance Register Report. We've removed this as it duplicated a (functional) export under Tasks.