Release Notes for the December 2016 DynaFile Update
Released: December 28, 2016
Local User Account Enhancements - The security of local DynaFile user accounts has been significantly improved. The following features have been implemented and are configurable by the administrator by going to Admin > Site Configuration.
Password Aging – The length of time that a user’s password can be used before prompting the user to change their password can now be set. The default is no enforcement (indefinite time).
Failed Login Lockout – User accounts can be configured to lockout any user account that has failed login after a configurable number of failed attempts. The default is no enforcement (unlimited attempts).
Lockout Release – Locked user accounts can be configured to have their lock released (allowing the user to login again) after a configurable number of minutes. The default is no time frame, meaning that the lock is permanent until an Administrator manually releases the lock by going to Admin > User Administration, selecting the affected user and clicking the “Unlock Account” button at the bottom of the first tab.
Password History – When a user changes their password, they can be forced to not reuse any password used for a configurable number of previous passwords. The default is no enforcement.
Password Complexity – Administrators can define user’s minimum password length along with whether the password must contain any combination of “Upper and Lower Case”, “Digits” and/or “Symbol” characters. The default is a minimum of 8 characters requiring all character types (upper, lower, digit and symbol).
Two Factor Authentication – Users can choose to enable Two Factor Authentication (2FA) for their account by going to the “Prefs” menu and clicking on the [Setup] button near the bottom. 2FA options exist for emailing or SMS text messaging of the authentication code, and/or using Google Authenticator. Administrators also have the option for enabling 2FA options for users (for all but the Google Authenticator option) on a per-user basis under User Administration. The default for all users is for 2FA to be off until explicitly configured by the user or administrator.
Email Out using "Reply To" - When emails are sent out from DynaFile by any user, the From Name will be the sending user (as it always has been), but the From Address will be changed to “firstname.lastname@example.org”. However, a new email header will be added for “Reply-To” that will be the users proper email address. This eliminates the issue when a company user tries to email from DynaFile to themselves or another internal company user and the delivery would fail. Recipients of the email will still see the original sender’s name and when they reply to the email, it will still be delivered back to the original sender.
Quick User Creation for Private Link Emailing - A new user right called “Quick User Registration” has been added to the User Administration screen (disabled by default). When enabled for an existing user that does not have User Administration rights, this right allows that user to create a new “limited” user account when they send a Private Link for a document to any user not currently registered in the system. This limited account will have read-only permissions to the document(s) selected to be linked and they will have no other rights in the system.
SaveToDynaFile Validation of the File Upload Right - Previously, users that had Save To DynaFile installed were able to upload files without explicitly having the “File Upload” right checked. This has been fixed so that this right is enforced when using Save To DynaFile virtual drive. If your users are unable to upload as they have in the past, please go to Admin > User Administration, click the affected user and ensure that the “File Upload” User Right is checked off (under the second tab).
Show Email on Generate Password Page - To facilitate the saving of user credentials when using a 3rd party password manager like LastPass or 1Password, when the user clicks the link from their email to generate a password, the user's username is displayed so that the password manager can track it along with the generated password.