What is the FIMS Complex Passwords Feature in FIMS and how do I Use it?

Updated on 06 Nov 2023
Contributors

Print
Dark
Light
PDF

Article summary

Did you find this summary helpful?

Thank you for your feedback

I want to enable complex passwords in order to make FIMS more secure. What do I need to know?

Answer:

The Complex Passwords can be enabled by going to Tools > System Utilities > Enable FIMS Complex Passwords.

Note: For Azure Cloud customers this option is hidden. Complex passwords are already enabled starting 9/17/2020 and cannot be disabled.

When Complex Passwords are enabled, FIMS passwords must meet the following requirements:

Must be between 12 and 20 characters
Must contain:
one upper case
one lower case
one number
one special character
Cannot contain NPO or FIMS
Cannot match five previous passwords
Cannot be the same as the User ID
Cannot be blank, you have to create a password using the requirements above

When you create a new FIMS complex password, you may see the following window appear. This means that the password you created does not meet the requirements. Click OK and create a new password that meets the requirements as listed in the window:

Notes:

Passwords will expire after 93 days.
When Complex Passwords are enabled, all users will be required to change their password the next time they log in.
When a new user is added by a System Administrator, the new user will be required to change their password the first time they log in.
If a FIMS system administrator needs their password reset, another FIMS administrator has to log in to reset that other administrator's password, NPact support is not able to reset FIMS passwords.
The System Users Report (Tools > System Utilities > System Reports > System Users Report) now shows the Date Password last changed and ‘Expired’ next to users. The expired status appears if the user password has expired, or the user hasn't changed the password since the administrator enabled complex passwords or added/changed the password in the Establish System User tool in Tools > System Utilities. The Date last changed will show whether or not Complex Passwords are enabled.
Disabling FIMS complex passwords: On-premises customers can disable FIMS complex passwords after enabling it. When enabling FIMS complex passwords, the sysprogress and SF passwords are changed but not changed back when disabling. Those being changed should typically not affect anything. Users can change back to a simple password when complex passwords are disabled.

There are some things to be aware of when enabling complex passwords:

SYSPROGRESS: Enabling complex passwords changes the SYSPROGRESS password. This may affect clients who setup their Crystal Reports Design Statements or FIMS Compass using the sysprogress credentials. Clients should use another userid and password for ODBC/SQL connections and should not use the sysprogress userid for these connections.

Note: Crystal Reports run directly from FIMS using the FIMS Crystal Viewer are not affected, as they always use the credentials of the person logged into FIMS.

FIMSInternal User:

Enabling Complex Passwords will not change the password for this account.

Notes on FIMSInternal user:
The FIMSInternal User is used for scheduled tasks such as the DonorCentral nightly upload. It is also used with internal processes such as Field maker Commit, FIMS Compiler and SQL Widths Update.

Note: Removing or changing the FIMSInternal User results in the failure of these types of system functions. Running FIMS processes externally through non-standard FIMS calls will not work when complex passwords are enabled. Do not change the password for this account.

Was this article helpful?

What's Next

How to Update FIMS Password with Complex Passwords Enabled