Submit Your Suggestions For Field View

An easier password for field use yes but also could you also consider periodic two factor authentication to balance the security risk

Completely agree with all comments. This is yet another example of Viewpoint's detachment from their actual users

There is now a new suggestion which is currently in review:

https://fieldview.ideas.aha.io/ideas/FV-I-754

Hopefully Viewpoint will make the right decision and enable the BU Admins to set the password complexity for their company. 

I agree with the other users comments. Field View you really need to listen to your (UK ) customers!!

The 2017 Verizon Data Breach Investigations Report also states that there was only "one recorded breach of a large construction company".  In fact Construction was the joint lowest on number of incidents with 6 (the other was Mining).  This is out of 42,068 incidents that make up the report which includes 21,239 involving members of the public (who I'd suggest are more likely to use weak passwords).

As I and others have stated, we (the customers) own the data that is stored on this system.  We know what the risk is, based on a function of likelihood and in this case more importantly the implications of a data breach.

Whoever made the decision to ignore all the above comments and votes to categorise this as "Will not implement", should come out from behind their desk, put on a pair of boots, a high viz, helmet, gloves etc and stand in front of a group of workers on a cold wet building site and try and explain how this is an improvement.

I'm sure those reading this who actually work with the users of Field View can imagine the reception this would get. Unfortunately the profanity filters would immediately delete this post if I put them here.

I do not understand your attitude!

For users on site, the application becomes unusable. Banking applications have the same (maybe more security) than you, while logging into personal banking APP is easier than in Field View APP !! All this is enough - to set the PIN code password for users to log in through Field View APP. This could be set by BU admin.
Well, users would have to remember the Cloud password and PIN in the app, but it would definitely be more pleasant to them than "tapping" the absurdly long and complex password in the mud on the site ...

I still support the view that it is a step back!

I think the 'will not implement' needs to be reconsidered, or at the very least other methods of securing devices considered. What suits Fieldview for password complexity may not align with other company's own security policy. 

I appreciate the need for password complexity, but in the field this presents a unique environment that should be addressed by Fieldview. If Android started insisting on a ten character password be used every time to unlock the screen then no one would use Android!

Company policy generally allows securing company devices by other means, for example by use of system/app like MobileIron that forces certain security settings on the device (screen timeout, swipe pattern password/6 digit pin number). This should be at the discretion of the owning company; their data, their risk.

The field based component of Fieldview means this needs to be addressed, to allow Fieldview to continue to be considered a system capable of field use.

Betsie, will this change be implemented in Vista, VFP, Team, Jobpac, Keystyle?

As a BU Admin for a number of Viewpoint products, this is a ridiculous change in the system. I highly suggest you consider making the BU Admins able to decide the appropriate level of security for their business instead of dictating this to us! 

I don't think you have an understanding of the implication this has had, is having and will continue to have on users, I have received several complaints from users in my business already who no longer want to use the platform because they have to change their password continuously because they can no longer remember what it is, because it is so longer and complicated. Our end users are not computer programmers! They do not work with technology every day! They are site managers who want a quick, simple to use tool. I will be looking at other options for my business because of this and will be speaking with our CIO regarding this change.

I think Viewpoints only step would be to allow BU admins to control this function or implement AD SSO - which we already have as a business with MFA which is far more secure than having a longer password which you need to write down so you don't forget (which completely defeats the purpose of having a secure password in the first place). Studies have proven that more complicated passwords and mandatory changes actually reduce security in the long run. I'm happy to provide studies showing this. 

In addition to all the great points, it is often very difficult to get trades to use the system. Setting passwords that are onerous will only reduce the number of trades that do use the system. The current complexity is a huge step in the wrong direction. 

Hello All,

We are making changes to our password policy based upon our security department and the analysis to safe guard your data which is our top priority.  We are rolling out changes on Field View in two stages the first as you are referencing is for new users and for password resets.  We will be following up with an update to current users once we have communicated out timing to our customers and the rollout plan.  I've included Security's reply below so you may understand the reasons why a strong password is imperative.

The 2017 Verizon Data Breach Investigations Report found that a staggering 81% of hacking-related breaches leveraged stolen or weak passwords.
Viewpoint recently implemented a strong password framework for Viewpoint Field View. This action was taken at the request of many customers as well as Viewpoint’s commitment to continuous security improvement to help our customers safeguard their important data from data breaches and malicious actors.

This issue has now gotten worse.  Any change to a user account (for example moving someone from one BU to another), forces the Admin to update the password if it doesn't comply with Viewpoints' criteria.

As we are already facing resistance from new users. Changing existing users passwords will result in another chorus of complaints!  This prevents admins from maintaining the system properly, to avoid the inevitable verbal abuse and questions like "How is this quicker than pen and paper".

Viewpoint need to fix this! We own the data that is stored on this system, not them.  We are the only ones who can decide what level of security we wish to implement. As Charley Hall commented, BU Admins should be able to set how complex a password needs to be.

agree with this  it is very frustrating and it has defiantly stopped the system working as efficiently. 

I also have noticed that the password complexity requirements are not consistent in Field View - You go into one area and you cannot set this passwords correctly according to their own password parameters. Example - Admin Centre / Devices - the password parameters conflict with Field Views password requirements.

Absolutely 100% agree - this should be a setting for BU admins to decide the appropriate level of password security for their business, not Viewpoint. This ability is included in VFP, where password length and strength is customisable, please do the same with Field View!!!

I'd also like to see BU Admins able to set the level of password complexity required for different projects to suit client requirements (or set at the Business Unit level at least)

Agreed, this is really working against device usability

I completely agree with David! It is very complicated to insert passwd on site - especially, when I want to enter only one issue.. Before changes, it was very quick and friendly.. now it is "step back"...