CHANGE EFFECTIVE USER PASSWORD

Use this screen to change the password for an effective user.

Note:  A password must contain at least eight characters.

Costpoint uses effective user IDs to make sure users can access the database only from within Costpoint. A typical Costpoint user logs into Costpoint with a user ID having read-access to the USER_ID table only. The Costpoint software re-connects to the database with that user's Effective User ID in order to gain full access to all the database tables. Consequently, only the Costpoint administrator knows the passwords for the effective users. Most Costpoint users do not and, as a result of this security, are not able to access information in the Costpoint database using outside tools. If you do not maintain the security of the Effective User ID and password, your database security can be compromised.

Changing the password on this screen changes it in the database and in the Effective Password settings for all users who use this Effective User ID. After you change it here, you will also find it changed on the Maintain Users screen.

Change the password on a regularly scheduled basis, or whenever security has been compromised.

Warning: Always use this function to change the effective password. If you change the password using any other database tool or software application, your users will not be able to log into Costpoint.

Effective User ID

Enter the ID of the effective user whose password is being changed.

Effective Old Password

Enter the current password for the Effective User ID.

Effective New Password

Enter the desired new password for the Effective User ID. The following password validations are used:

  1. The password cannot be the same as the old password.

  2. If the Allow Password Reuse checkbox is not selected in the System Settings screen, any previously used passwords stored in USER_PSWD_HS for that user cannot be used as a password.

  3. The password must start with a letter.

  4. A user's user ID and user name cannot be used as a password. 

  5. A user's employee ID (and that employee ID's first name and last name) cannot be used as a password.

  6. The word "password" cannot be used as a password.

  7. The password must meet the password complexity specified in the Corporate Settings subtask of the System Settings screen.

Verification

Enter the desired new password again.

Databases to be Updated

This table pertains to Sybase and MS SQL Server users only.

User IDs and passwords are applicable to all the databases in those SQL Server database management systems. (By contrast, user IDs and passwords are applicable to just one database in a SQLBase or Oracle database management system.) Because the databases share the user IDs, you must enter the names of all Costpoint databases in the current database server, except for the connected database that is displayed. This will ensure that the effective password is changed in the USER_ID table of all Costpoint databases on this server. Failure to enter a database name here will prevent users of that omitted database from logging into Costpoint, if their Effective User ID matches the one entered above.

Note: We recommend that all users be cleared out of Costpoint when this function is run. The change of the Effective User Password takes effect immediately, so if a user is in Costpoint when the change is made, he will get an SQL error when he attempts to open another function. This happens because every time a new function is opened, Costpoint connects to the database using the password that was in effect when the user logged into Costpoint, not the current effective password. The password in memory does not match the database's new effective user password.

Current Connection

This shows the name of the database to which the user is currently connected (e.g., "DELTEKCP").

Others

Enter the names(s) of the database(s) on the same server to which you are currently connected, for which the effective users should be updated.