A Tale of Two Passwords

It was the worst of times. You changed your password, but it still didn't let you log in.

First it's important to understand that you can have two separately managed ScreenHubb passwords:

1. A Report Encryption Password for encrypting email attachments sent to you.
2. A Client Portal Login Password for logging into the system.

These passwords are distinct and separate; and also consider that you may have one of these but not the other. Here's a breakdown of these two passwords:

Your Report Encryption Password is Semi-Secret

The system needs to know your Report Encryption Password is in order to encrypt any reports that may be sent to you via email attachment.

Important Note #1: It is recommended that you elect NOT to receive reports via email attachment. It is actually more secure for you to download reports via Client Portal. However, you can still be notified via email when the new reports are available.

Important Note #2: When you change your Report Encryption password, this does not change your Client Portal password!

if you forget your Report Encryption password: Contact your system administrator. They can send you an email with a link to reset your Report Encryption Password. After you have changed your report password, let your system administrator know and then they can resend you the report(s) you were unable to open. You can discard the reports you were unable to open.

Your Client Portal Login Password is Super Secret

Your Client Portal password (if you have one) is secured according to best practices for web logins (via salted hash). This means that the system doesn't know what your Client Portal password is. Your program administrator does not know what your password is.

Only you know what your Client Portal password is. When you try to log in, your password input is processed into a salted hash and compared with the salted hash on file. If the hashes match, then you are able to log in.

This way, no one can log into the system and take actions pretending to be you.

If you forget your client portal password, you can change it here.

Important Note #3: When you change your Client Portal Login password this does not change your Report Encryption password.

Important Note #4: You may not actually have Client Portal Login permission. In that case you will not be able to log in to the system under any circumstances. If you want to be able to log into Client Portal, contact your system administrator.

Best Practices Managing These Two Passwords

Ideally, you should not receive reports via email attachment. Instead you should opt to receive all reports through the Client Portal. This will eliminate the need for having an encryption password. Speak to your System Administrator to choose this option.

If you must receive reports via email attachment, then your Report Encryption and your Client Portal Login passwords should be different. However the system will not prevent you from using the same password for both. Remember, the system does not know what your Client Portal password is, so it cannot prevent you from setting them both to the same value.

Why should these passwords be different?

Ideally your Client Portal login password should be known only to you. That way no one can impersonate you by logging into the system as you and performing actions.

On the other hand, it may be ok to share the Report Encryption password with a colleague. Then you could securely forward the encrypted report to them and they would be able to open the encrypted attachment, but they would not be able to log into client portal as you. Consult your company's information security policy for guidance.