Security and myhrtoolkit

Security and the protection of your data is paramount to Myhrtoolkit. The myhrtoolkit software has a number of security features built in which can be deployed as needed.

Password Strength

Passwords can be a common weakness in any user-driven system, and myhrtoolkit provides tools to help mitigate password driven security breaches. When a user changes password, they can see the ‘strength‘ of their password, and it is recommended that they aim for at least a ‘strong’ password. In setup & admin > password strengths, the strength of user passwords can be checked and users prompted to change to stronger passwords as required.

Password Challenge-Response

myhrtoolkit provides an option for a challenge-response system for changing passwords. When using this, each user will be asked to supply answers in advance for a variety of different questions, e.g. ‘childhood nickname,’ ‘city or town where your parents met,’ etc. At least one answer should be given, but two or three is better.

When a request is made to change password, a question will be selected from those for which the user has given answers.

More information is available here.

Restricting Network Access

Your installation of myhrtoolkit can be configured to only accept users operating from certain network locations. Navigate to setup & admin > Static ip addresses and enter the individual IP addresses.

Currently the input procedure does not allow IP ranges or network masks, only individual addresses.

Note – this is designed to be used with static IP addresses only, rather than dynamic.

Myhrtoolkit Security Statement

A full security statement can be found here.