Authentication & Authorization

First, only authorized users can access the system, using a unique User ID and a password. Second, a user should have access rights to execute a function.

A user's profile contains the User ID, the password and the functions to which the user has access. BANKING operations such as new, copy, query, unlock, etc. are enabled based on the function rights available to the user. The function rights are checked for each operation the user performs.

The Administrator can define the maximum number of unsuccessful attempts after which a User ID should be disabled. When a User ID has been disabled, the Administrator should enable it. The password of a user can be made applicable only for a fixed period. This forces the user to change the password at regular intervals, thus reducing security risks. Further, the Administrator can define passwords that are likely to be commonly used by a user as Restrictive Passwords at the user, user role and bank level. A user cannot use any password that is listed as a Restrictive Password at any of these levels.
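
The controls described above, modelled together as an added example (not code from the product this page documents). The class and function names, the thresholds and the sample password lists are assumptions, and PBKDF2 storage is a choice made here because the page does not say how passwords are stored.

```python
# Added illustration: names and policy values are assumptions, not product settings.
import hashlib, hmac, os
from dataclasses import dataclass, field
from datetime import date, timedelta

MAX_FAILED_ATTEMPTS = 3                       # assumed Administrator setting
PASSWORD_VALID_DAYS = 30                      # assumed Administrator setting
BANK_RESTRICTED = {"password1", "welcome1"}   # constructed bank-level list
ROLE_RESTRICTED = {"TELLER": {"teller123"}}   # constructed role-level list

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

@dataclass
class UserProfile:
    user_id: str
    role: str
    functions: set                                  # function rights, e.g. {"query", "new"}
    restricted: set = field(default_factory=set)    # user-level Restrictive Passwords
    salt: bytes = field(default_factory=lambda: os.urandom(16))
    pw_hash: bytes = b""
    pw_changed: date = date.min
    failed: int = 0
    disabled: bool = False

    def set_password(self, password, today):
        # A password listed at any of the three levels is rejected.
        banned = self.restricted | ROLE_RESTRICTED.get(self.role, set()) | BANK_RESTRICTED
        if password in banned:
            raise ValueError("password is a Restrictive Password")
        self.pw_hash, self.pw_changed = _hash(password, self.salt), today

    def login(self, password, today):
        if self.disabled:
            return "disabled"           # stays disabled until the Administrator enables it
        if not hmac.compare_digest(self.pw_hash, _hash(password, self.salt)):
            self.failed += 1
            self.disabled = self.failed >= MAX_FAILED_ATTEMPTS
            return "denied"
        self.failed = 0
        if today - self.pw_changed > timedelta(days=PASSWORD_VALID_DAYS):
            return "password_expired"   # caller must force a password change
        return "ok"

    def enable(self):                   # performed by the Administrator
        self.disabled, self.failed = False, 0

def authorize(user, operation):
    """Function-rights check, run for every operation and not only at login."""
    return not user.disabled and operation in user.functions
```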