- Password Policy
One of the audit criteria at various large dealerships is the security of passwords.
As a LEF administrator, you now have the option to set your own password policy in LEF. The customizable password policy includes several components:
Set password complexity
Until now, 8 was the minimum number of characters for a password, without any further complexity requirements. This can now be set separately:
• minimum length (default 12, minimum 8)
• at least 1 capital letter (off by default)
• at least 1 digit (off by default)
• at least 1 special character (off by default)
The minimum length defaults to 12 characters, and the capital letter, digit and special character requirements are disabled. Research indicates that the added complexity is counterproductive to password strength.
Old passwords (8 characters long) will continue to work until a user manually changes their password or it is reset by the administrator.
- Password expiration
In addition to adjusting the complexity, your administrator can also set a maximum lifetime for a password. By default, password expiration is off.
Allowing passwords to expire does not always improve security. Studies show that people put less effort into a password if they have to change it regularly. For example, they change one number, letter or character: password1 then becomes password2.
If company policy requires passwords to expire, the expiration period can be entered in months. The user receives a notification in LEF a few days in advance that his/her password must be reset.
- Reset of all passwords
To ensure that all users, including yourself as an administrator, immediately comply with the newly set password requirements, it is also possible to reset all passwords. When you use this setting, all users within your car company will receive an e-mail from LEF to reset their password.
When setting the new password, the user can clearly see which requirements of the set password policy his/her new password must meet.
New password no longer visible
When creating new users or when resetting a password via the LEF management, passwords could previously be viewed before they were sent. This option is no longer available. Of course, the possibility to send a user a new password will remain, but it can no longer be viewed in advance or changed. Instead, the user receives an email with a link to set a password. The password to be set must comply with the set password policy.
The password policy will be expanded with MFA (Multi-Factor Authentication) in the near future.