Feature Release Notes 13th April 2021
This feature release includes a number of key updates to Security in Hop. Please share this with all relevant staff at your property.
We would love to hear your feedback on our new features; please feel free to use the Comments section below.
- User Management
- Password security
- Manage Your Account
The management of passwords is no longer done through Hop > Users > Manage Users but instead by going to Users > Manage Users and clicking on the +Create User button. Once a user has been created, the individual person can set/change their own password via the new 'Forgot Password' link when logging on at https://pms.hopsoftware.com
When you select the 'Forgot Password' link you will asked to enter your email or username and you will then receive a link to reset your password. This is a one-use link and will expire. Once changed you will receive an email confirming the password has changed. If you receive this email and have not changed your password use the links in the email to contact our Support team.
Within each user we have added two new settings:
- The option to select if you wish to have your password expire and how frequently you wish to change it → if this is set you will be emailed reminders.
- The option to restrict concurrent sessions → this will prevent a user from being logged in on more than one device/browser at the same time.
We have also added the ability for users with permissions to temporarily set a users account to inactive, stopping access until it is activated again. This is managed in Users > Manage Users by selecting the user and clicking the active/inactive icon in the Active column.
We have also added the following new rules to encourage greater password security:
- You cannot reuse any of your last 5 passwords when creating a new one.
- Passwords need to contain a minimum of 10 characters, including one capital, one number and one special character (this has been increased from 8).
- Hop now uses haveibeenpwned.com to check if passwords have been previously exposed in data breaches, if they have you will not be able to use that password.
- If you enter an incorrect password 5 times in a row, your account will now lock for 24 hours. You will see a message advising you of this. To unlock your account please contact a manager at your property or the Hop Support team. The lockout details are displayed in Users > Manage Users and users with permission can simply click the lock icon to unlock the account before the 24 hour limit is reached:
Manage Your Account
When you are logged into Hop we have added some new features when you go to manage your own user settings. To access these, simply select your username from the top right menu bar and the options will be displayed for you.
As before, you still change your password from here however in addition to this you can now do the following:
- Update your email address if that has changed.
- Set up two factor authentication via email. With this enabled, when logging on you will be sent an authentication number by email to enter as an additional security step. You will then be asked if you would like to trust the browser you are using, if you say yes you won’t need to enter the code again, if you say no, an email will be sent each time.
- Configure two factor authentication via app. This will do the same as the above, however you will need to set this up with Google Authenticator (or a similar app) and then you can generate the code in the app when you require one.
- View your recent activity. This way you can see where you have been logged in and will be able to report any suspicious activity to us. If you use multiple devices/browsers it will show you all areas you are logged into Hop and give you the option to log out that session if you wish.