The following article outlines recommended user accounts best practices for XVWeb.
- If available and compatible, use SSO integrations
- Do not share accounts or passwords
- Use a unique email and password for each account
- If your practice management software only allows for one account (or limited accounts) to be configured, we recommend using an account with the minimal privileges necessary. We strongly recommend against using a single account for a large number of users or offices.
- Limit admin user access
- Avoid reusing passwords from other systems
- Document account ownership, especially for system or service accounts
- Remove accounts as soon as they are no longer needed
- Use simple account naming conventions
- Review accounts regularly
- Educate users on account security
- Change your passwords at defined, regular intervals.