What's new (Access)
Dec 2022 - version 7.5.0
Allow users to access older Red Pill and Randomisation test systems with the same account as they use for live systems. Previously they had to use a separate user account.
Dec 2022 - version 7.4.0
Role status (active, suspended or invited) is now shown as a column in the user listing table for a trial
Trial and design panels slightly animate on hover and colours have greater contrast
When showing buttons on each trial panel, roles are ordered so active roles are shown first. Roles are also sorted by name and site ID. Role names are no longer down-cased.
The last selected environment tab (All / Live / Test) is remembered
Some security and bug fixes
Jun 2022 - version 7.3.0
Archivist accounts can now be created by an administrator like any other role.
Roles are refreshed more regularly so that when rebuilding a test system the roles will be updated to reflect the new specification.
Dec 2021 - version 7.2.0
Selecting all users now respects any search filters that are applied.
Sep 2021 - version 7.1.0
A bug affecting logins was fixed.
On log in users with an invitation are redirected to the invitations page. This is to try and help users unfamiliar with the system who frequently don't realise that they need to follow the link to accept an invitation before they can access a trial.
The email sent on password change has been updated to note that location information obtained by IP lookup is approximate.
Aug 2021 - version 7.0.5
A bug affecting trial listings was fixed.
A minor bug affecting the integration between the CRF builder and Access was fixed.
A bug resulting in notifications being delivered to extra recipients for a single customised system was fixed.
Oct 2020 - version 7.0.4
Inactive user accounts for decommissioned trials are now deleted. Invitations to create accounts that are not taken up within 6 months are automatically cancelled.
The option to have fax notifications was removed as it is no longer in use.
Sep 2020 - version 7.0.3
A minor update to speed up the user listing and relabel the staging environment as "test".
Sep 2020 - version 7.0.1
A minor update to fix a couple of issues to do with trials hosted on remote hosts.
Jul 2020 - version 7.0.0
Trials are now shown on different tabs by environment (all, live, staging). Only new trials will appear in more than one environment. Existing trials still require the user to log in to the live or staging environment separately.
All roles associated with selected user accounts on the users page can be suspended or activated. A badge is shown next to inactive accounts (those that haven't logged in for more than 6 months). This makes it easier to suspend all access for staff that have left or are no longer involved in an organisation's trials.
Multiple selected roles for a trial can be suspended or activated at once. This is useful at the end of a trial to suspend access to all investigators for instance.
Notification accounts can be created for multiple sites. Previously it was only possible to receive notifications for all sites or one chosen site. Users are now invited to new roles when they already have an account. They no longer have access or receive notification emails until they have accepted the invitation. They can also choose to decline invitations.
Tables showing user accounts and roles can now be downloaded as CSV or Excel files.
We no longer allow a duplicate role to be created for a user and we removed the site selection control from the statistician role as this was ignored by data downloads. We removed the general link to our website in password reset emails to avoid users getting confused about which link to click to reset their password.
Jul 2019 - version 6.3.1
Fixed an issue that could cause an error on the My Account page when the browser agent string was not recognised.
We now produce a validation certificate for each release. This confirms the software was produced according to our SOPs and has passed all of our internal testing procedures.
March 2019 - version 6.3.0
We changed the way we check for whether the user's browsers has cookies enabled. Cookies are required to be able to log in.
November 2018 - version 6.2.2
Fix for an intermittent problem with the password strength meter always showing the entered password was weak.
September 2018 - version 6.2.1
A minor update to help with testing subject entered forms.
July 2018 - version 6.2.0
The location information associated with your IP address has been updated to show a country flag 🇬🇧 and the name of your internet service provider (ISP). For those of you who work at large organisations the location shown is often related to the ISP rather than you.
Mobile numbers and security codes are now redacted when an administrator views the audit log.
June 2018 - version 6.1.0
A timezone setting has been added to user accounts so you can see times in the Access interface (such as times of your recent log ins) in your own timezone.
Some people were getting the test and live environments mixed up. A warning is now shown on the log in page for test systems to hopefully reduce confusion.
Some tweaks were made to the security code text messages for compatibility with North American mobile networks.
March 2018 - version 6.0.0
You can now recover your own password using the Forgot your password? link on the login page, provided you have added a back-up email or mobile phone number to your account to receive security codes. If you haven't done this, you can still ask an administrator to reset it for you.
We've added a help page on ways you can keep your account secure. Check it out for some hopefully helpful advice.
No more forced password changes (maybe)
Security guidance has finally caught up with common sense, and heavy-weight bodies such as NIST in the US and the UK Government now advise against periodic enforced password changes. Why? Because making passwords expire means people tend to forget their new passwords, pick simple variations on their previous password, and are more likely to write them down on a sticky note.
Unfortunately, some standards such as 21 CFR Part 11 contain requirements to enforce regular password changes, and so we have made this a trial level setting. We'll be asking customers whether they need to enforce regular password changes when we set up new trials. Customers can also ask us to turn off enforced changes for existing trials.
Watch over your account
We've added a recent logins section to the My account page, which shows where and when you logged in from. If you think something suspicious is going on, this is the first place to check. We also show you the last time you logged in when you log in.
We now send you emails when things change concerning your account including:
- Changed account information
- Changed password
- Account suspension because of too many failed login attempts
If you see any of these emails when you weren't expecting them, you should channel your inner Sherlock and investigate.
Other changes and bug fixes
- Older versions of Access are being retired and user accounts will be migrated to the latest version. We'll be in touch with customers affected by this change with more details.
- We've refreshed the way Access looks, and reduced the space each trial takes up on the trials summary page
- Search added to the trials summary page when there are more than 3 trials. Pagination added with 12 trials per page.
- User's can now change their own name (an administrator had to do it before)
- Deleted roles and notification accounts are now shown in the audit log
- The dictionary used to check for weak passwords has been interfrastically updated
- Invitation links are now sent to new users rather than passwords. Invitations expire after 2 weeks but can be renewed by administrators or cancelled.
- Subject-entered forms invitation links now always take the user to a welcome screen with a button to start the survey (previously this screen was only shown if a memorable word was set). This prevents issues with email previews or virus checkers visiting links and inadvertently logging in as a subject.
- A participant who has logged out after entering forms is shown a finished message and no longer shown the usual user login page if they try to visit a protected page
- Login throttling should help prevent bad guys from trying automated password guessing to break into accounts
- We fixed an issue for users with longer timeout intervals for their trials. Access now also respects these longer timeout intervals so you can enjoy being logged in for longer.