Submit Your Suggestions For Field View

Password complexity should be a customer defined setting

The new password requirements are unworkable for field based personnel. 

Entering a 10 digit password containing upper and lower case letters, numbers and special characters is a mild irritation when sitting at a desk in a warm office with a full sized keyboard.  Trying to do it on a cold wet building site, with one hand, on a mobile screen, while wearing PPE equipment is unrealistic!

Some companies may decide that the data they are collecting is sensitive enough to warrant this level of security and is workable in their environments.  Some may only wish to increase the minimum number of digits in the current PIN based solution.  Both options are valid, but not having the choice is currently limiting our roll out of new users.

  • David Thornhill
  • Dec 17 2018
  • Will not implement
Company Wates
Job Title / Role Group Field View Administrator
I need it... Yesterday...Come on already
  • Attach files
  • john pym commented
    January 29, 2021 09:58

    An easier password for field use yes but also could you also consider periodic two factor authentication to balance the security risk

  • Susan Bewers commented
    May 07, 2019 07:12

    Completely agree with all comments. This is yet another example of Viewpoint's detachment from their actual users

  • Guest commented
    April 18, 2019 01:26

    There is now a new suggestion which is currently in review:

    https://fieldview.ideas.aha.io/ideas/FV-I-754

    Hopefully Viewpoint will make the right decision and enable the BU Admins to set the password complexity for their company. 

  • simon westwood commented
    April 10, 2019 13:35

    I agree with the other users comments. Field View you really need to listen to your (UK ) customers!!

  • David Thornhill commented
    February 28, 2019 11:42

    The 2017 Verizon Data Breach Investigations Report also states that there was only "one recorded breach of a large construction company".  In fact Construction was the joint lowest on number of incidents with 6 (the other was Mining).  This is out of 42,068 incidents that make up the report which includes 21,239 involving members of the public (who I'd suggest are more likely to use weak passwords).

    As I and others have stated, we (the customers) own the data that is stored on this system.  We know what the risk is, based on a function of likelihood and in this case more importantly the implications of a data breach.

    Whoever made the decision to ignore all the above comments and votes to categorise this as "Will not implement", should come out from behind their desk, put on a pair of boots, a high viz, helmet, gloves etc and stand in front of a group of workers on a cold wet building site and try and explain how this is an improvement.

    I'm sure those reading this who actually work with the users of Field View can imagine the reception this would get. Unfortunately the profanity filters would immediately delete this post if I put them here.

  • Jaroslav Vender commented
    February 28, 2019 09:03

    I do not understand your attitude!


    For users on site, the application becomes unusable. Banking applications have the same (maybe more security) than you, while logging into personal banking APP is easier than in Field View APP !! All this is enough - to set the PIN code password for users to log in through Field View APP. This could be set by BU admin.
    Well, users would have to remember the Cloud password and PIN in the app, but it would definitely be more pleasant to them than "tapping" the absurdly long and complex password in the mud on the site ...

    I still support the view that it is a step back!

  • Alix Birtles commented
    February 28, 2019 02:55

    I think the 'will not implement' needs to be reconsidered, or at the very least other methods of securing devices considered. What suits Fieldview for password complexity may not align with other company's own security policy. 

     

    I appreciate the need for password complexity, but in the field this presents a unique environment that should be addressed by Fieldview. If Android started insisting on a ten character password be used every time to unlock the screen then no one would use Android!

    Company policy generally allows securing company devices by other means, for example by use of system/app like MobileIron that forces certain security settings on the device (screen timeout, swipe pattern password/6 digit pin number). This should be at the discretion of the owning company; their data, their risk.

     

    The field based component of Fieldview means this needs to be addressed, to allow Fieldview to continue to be considered a system capable of field use.

  • Guest commented
    February 27, 2019 22:30

    Betsie, will this change be implemented in Vista, VFP, Team, Jobpac, Keystyle?

    As a BU Admin for a number of Viewpoint products, this is a ridiculous change in the system. I highly suggest you consider making the BU Admins able to decide the appropriate level of security for their business instead of dictating this to us! 

     

    I don't think you have an understanding of the implication this has had, is having and will continue to have on users, I have received several complaints from users in my business already who no longer want to use the platform because they have to change their password continuously because they can no longer remember what it is, because it is so longer and complicated. Our end users are not computer programmers! They do not work with technology every day! They are site managers who want a quick, simple to use tool. I will be looking at other options for my business because of this and will be speaking with our CIO regarding this change.

     

    I think Viewpoints only step would be to allow BU admins to control this function or implement AD SSO - which we already have as a business with MFA which is far more secure than having a longer password which you need to write down so you don't forget (which completely defeats the purpose of having a secure password in the first place). Studies have proven that more complicated passwords and mandatory changes actually reduce security in the long run. I'm happy to provide studies showing this. 

  • Ryan Wanner commented
    February 27, 2019 21:08

    In addition to all the great points, it is often very difficult to get trades to use the system. Setting passwords that are onerous will only reduce the number of trades that do use the system. The current complexity is a huge step in the wrong direction. 

  • Admin
    Betsie Hoyt commented
    February 27, 2019 20:11

    Hello All,

    We are making changes to our password policy based upon our security department and the analysis to safe guard your data which is our top priority.  We are rolling out changes on Field View in two stages the first as you are referencing is for new users and for password resets.  We will be following up with an update to current users once we have communicated out timing to our customers and the rollout plan.  I've included Security's reply below so you may understand the reasons why a strong password is imperative.

    The 2017 Verizon Data Breach Investigations Report found that a staggering 81% of hacking-related breaches leveraged stolen or weak passwords.
    Viewpoint recently implemented a strong password framework for Viewpoint Field View. This action was taken at the request of many customers as well as Viewpoint’s commitment to continuous security improvement to help our customers safeguard their important data from data breaches and malicious actors.

  • David Thornhill commented
    February 20, 2019 16:48

    This issue has now gotten worse.  Any change to a user account (for example moving someone from one BU to another), forces the Admin to update the password if it doesn't comply with Viewpoints' criteria.

    As we are already facing resistance from new users. Changing existing users passwords will result in another chorus of complaints!  This prevents admins from maintaining the system properly, to avoid the inevitable verbal abuse and questions like "How is this quicker than pen and paper".

    Viewpoint need to fix this! We own the data that is stored on this system, not them.  We are the only ones who can decide what level of security we wish to implement. As Charley Hall commented, BU Admins should be able to set how complex a password needs to be.

  • harvey brown commented
    February 14, 2019 10:48

    agree with this  it is very frustrating and it has defiantly stopped the system working as efficiently. 

  • Guest commented
    February 05, 2019 20:54

    I also have noticed that the password complexity requirements are not consistent in Field View - You go into one area and you cannot set this passwords correctly according to their own password parameters. Example - Admin Centre / Devices - the password parameters conflict with Field Views password requirements.

  • Guest commented
    January 16, 2019 06:01

    Absolutely 100% agree - this should be a setting for BU admins to decide the appropriate level of password security for their business, not Viewpoint. This ability is included in VFP, where password length and strength is customisable, please do the same with Field View!!!

  • Alix Birtles commented
    January 16, 2019 03:16

    I'd also like to see BU Admins able to set the level of password complexity required for different projects to suit client requirements (or set at the Business Unit level at least)

  • Alix Birtles commented
    January 16, 2019 03:08

    Agreed, this is really working against device usability

  • Jaroslav Vender commented
    December 19, 2018 12:55

    I completely agree with David! It is very complicated to insert passwd on site - especially, when I want to enter only one issue.. Before changes, it was very quick and friendly.. now it is "step back"...

Dear Viewpoint Suggestion Box contributor;

We at Viewpoint sincerely thank you for your contribution to Suggestion Box on how we can improve Viewpoint products. While we can’t do everything at once, we rely upon your feedback to help guide the prioritization of our product improvements, and Suggestion Box is a critical tool for us to understand and prioritize our customers’ needs. Viewpoint reviews Suggestion Box regularly for all of our products and updates statuses, adds comments, and performs various house-keeping (including deleting) as needed to ensure that Suggestion Box is maintained as a productive environment for product enhancements requests.

1515 SE Water Avenue, Suite 300, Portland, OR 97214 |  800.333.3197  | Contact Us | Terms of Use | Privacy | Support Policies

© 2023 Trimble Inc. All Rights Reserved. Viewpoint®, Vista™, Spectrum®, ProContractor™, Jobpac Connect™, Viewpoint Team™, Viewpoint Analytics™, Viewpoint Field View™, Viewpoint Estimating™, Viewpoint For Projects™, Viewpoint HR Management™, Viewpoint Field Management™, Viewpoint Financial Controls™, Vista Field Service™, Spectrum Service Tech™, ViewpointOne™, ProjectSight® and Trimble Construction One™ are trademarks or registered trademarks of Trimble Inc. or its affiliates in the United States and other countries. Other names and brands may be claimed as the property of others.