What's new (Access)

Oct 2023 - version 7.6.0

Update to an internal API to allow Red Pill applications to fetch user details matching search criteria

Training applications are now coloured pink to distinguish more clearly from live apps

Bug fixes and security improvements

Validation certificate 7.6.0

Feb 2023 - version 7.5.3

Search now looks for matching trials in all environments (live and test)

Validation certificate 7.5.3

Jan 2023 - version 7.5.2

Bug fixes

Validation certificate 7.5.2

Dec 2022 - version 7.5.1

Allow users to access older Red Pill and Randomisation test systems with the same account as they use for live systems. Previously they had to use a separate user account.

Validation certificate 7.5.1

Dec 2022 - version 7.4.0

Role status (active, suspended or invited) is now shown as a column in the user listing table for a trial

Trial and design panels slightly animate on hover and colours have greater contrast

When showing buttons on each trial panel, roles are ordered so active roles are shown first. Roles are also sorted by name and site ID. Role names are no longer down-cased.

The last selected environment tab (All / Live / Test) is remembered

Some security and bug fixes

Validation certificate 7.4.0

Jun 2022 - version 7.3.0

Archivist accounts can now be created by an administrator like any other role.

Roles are refreshed more regularly so that when rebuilding a test system the roles will be updated to reflect the new specification.

Validation certificate 7.3.0

Dec 2021 - version 7.2.0

Selecting all users now respects any search filters that are applied.

Validation certificate 7.2.0

Sep 2021 - version 7.1.0

A bug affecting logins was fixed.

On log in users with an invitation are redirected to the invitations page. This is to try and help users unfamiliar with the system who frequently don't realise that they need to follow the link to accept an invitation before they can access a trial.

The email sent on password change has been updated to note that location information obtained by IP lookup is approximate.

Validation certificate 7.1.0

Aug 2021 - version 7.0.5

A bug affecting trial listings was fixed.

A minor bug affecting the integration between the CRF builder and Access was fixed.

A bug resulting in notifications being delivered to extra recipients for a single customised system was fixed.

Validation certificate 7.0.5

Oct 2020 - version 7.0.4

Inactive user accounts for decommissioned trials are now deleted. Invitations to create accounts that are not taken up within 6 months are automatically cancelled.

The option to have fax notifications was removed as it is no longer in use.

Validation certificate 7.0.4

Sep 2020 - version 7.0.3

A minor update to speed up the user listing and relabel the staging environment as "test".

Validation certificate 7.0.3

Sep 2020 - version 7.0.1

A minor update to fix a couple of issues to do with trials hosted on remote hosts.

Validation certificate 7.0.1

Jul 2020 - version 7.0.0

Trials are now shown on different tabs by environment (all, live, staging). Only new trials will appear in more than one environment. Existing trials still require the user to log in to the live or staging environment separately.

All roles associated with selected user accounts on the users page can be suspended or activated. A badge is shown next to inactive accounts (those that haven't logged in for more than 6 months). This makes it easier to suspend all access for staff that have left or are no longer involved in an organisation's trials.

Multiple selected roles for a trial can be suspended or activated at once. This is useful at the end of a trial to suspend access to all investigators for instance.

Notification accounts can be created for multiple sites. Previously it was only possible to receive notifications for all sites or one chosen site. Users are now invited to new roles when they already have an account. They no longer have access or receive notification emails until they have accepted the invitation. They can also choose to decline invitations.

Tables showing user accounts and roles can now be downloaded as CSV or Excel files.

We no longer allow a duplicate role to be created for a user and we removed the site selection control from the statistician role as this was ignored by data downloads. We removed the general link to our website in password reset emails to avoid users getting confused about which link to click to reset their password.

Validation certificate 7.0.0

Jul 2019 - version 6.3.1

Fixed an issue that could cause an error on the My Account page when the browser agent string was not recognised.

Validation certificates

We now produce a validation certificate for each release. This confirms the software was produced according to our SOPs and has passed all of our internal testing procedures.

Validation certificate 6.3.1

March 2019 - version 6.3.0

We changed the way we check for whether the user's browsers has cookies enabled. Cookies are required to be able to log in.

November 2018 - version 6.2.2

Fix for an intermittent problem with the password strength meter always showing the entered password was weak.

September 2018 - version 6.2.1

A minor update to help with testing subject entered forms.

July 2018 - version 6.2.0

The location information associated with your IP address has been updated to show a country flag 🇬🇧 and the name of your internet service provider (ISP). For those of you who work at large organisations the location shown is often related to the ISP rather than you.

Mobile numbers and security codes are now redacted when an administrator views the audit log.

June 2018 - version 6.1.0

A timezone setting has been added to user accounts so you can see times in the Access interface (such as times of your recent log ins) in your own timezone.

Some people were getting the test and live environments mixed up. A warning is now shown on the log in page for test systems to hopefully reduce confusion.

Some tweaks were made to the security code text messages for compatibility with North American mobile networks.

March 2018 - version 6.0.0

This update is all about security, making it easier for you to keep your account secure and recover from that common modern affliction – forgotten passwords.

You can now recover your own password using the Forgot your password? link on the login page, provided you have added a back-up email or mobile phone number to your account to receive security codes. If you haven't done this, you can still ask an administrator to reset it for you.

We've added a help page on ways you can keep your account secure. Check it out for some hopefully helpful advice.

No more forced password changes (maybe)

Security guidance has finally caught up with common sense, and heavy-weight bodies such as NIST in the US and the UK Government now advise against periodic enforced password changes. Why? Because making passwords expire means people tend to forget their new passwords, pick simple variations on their previous password, and are more likely to write them down on a sticky note.

Unfortunately, some standards such as 21 CFR Part 11 contain requirements to enforce regular password changes, and so we have made this a trial level setting. We'll be asking customers whether they need to enforce regular password changes when we set up new trials. Customers can also ask us to turn off enforced changes for existing trials.

Watch over your account

We've added a recent logins section to the My account page, which shows where and when you logged in from. If you think something suspicious is going on, this is the first place to check. We also show you the last time you logged in when you log in.

We now send you emails when things change concerning your account including:

Changed account information
Changed password
Account suspension because of too many failed login attempts

If you see any of these emails when you weren't expecting them, you should channel your inner Sherlock and investigate.

Other changes and bug fixes

Older versions of Access are being retired and user accounts will be migrated to the latest version. We'll be in touch with customers affected by this change with more details.
We've refreshed the way Access looks, and reduced the space each trial takes up on the trials summary page
Search added to the trials summary page when there are more than 3 trials. Pagination added with 12 trials per page.
User's can now change their own name (an administrator had to do it before)
Deleted roles and notification accounts are now shown in the audit log
The dictionary used to check for weak passwords has been interfrastically updated
Invitation links are now sent to new users rather than passwords. Invitations expire after 2 weeks but can be renewed by administrators or cancelled.
Subject-entered forms invitation links now always take the user to a welcome screen with a button to start the survey (previously this screen was only shown if a memorable word was set). This prevents issues with email previews or virus checkers visiting links and inadvertently logging in as a subject.
A participant who has logged out after entering forms is shown a finished message and no longer shown the usual user login page if they try to visit a protected page
Login throttling should help prevent bad guys from trying automated password guessing to break into accounts
We fixed an issue for users with longer timeout intervals for their trials. Access now also respects these longer timeout intervals so you can enjoy being logged in for longer.