Here is my inputs to DHIS2 may be for the future releases:
-To avoid people from may be misusing, risks of User and Passwrd caching to their browsers memory, it can be more better if we make it optional on setting passwords. Like password to expire on date xx/xx/xxxx. This is important because some Users requests the usernames and passwords for only research purposes in a given period. eg like only 3 months here the system can be able to automatically block he/she from logging in. On Facility users, it can be better to have a specific period and they all alerted to their emails and forced to change the password.(Note that this is optional).
-Another part is if someone prompt and fails to log in several times eg: 6 or more times the system automatically blocks that person and sends the message to the administrator for him to check if its not an intruder.
I am very sure this can be suitable for the stable systems.
- Muhire Andrew*
Ministry of Health / HMIS
““A mind is a terrible thing to waste””
*** Twitter :andrewmuhire***