# Configure Password Options The Secure Payment application's payment module allows you to assign passwords to protect the terminal from unauthorized use. All terminal passwords are 6 numeric (numbers only) characters in length to provide security without slowing down the overall time it takes to process a transaction. The terminal has 3 types of user passwords: * **Administrator (Admin)**: Configured during initial terminal activation * **Merchant**: Configured during initial terminal activation * **Operator**: Configured when creating one or more terminal operators #### For more information on specific password procedures, click any of the following links: * [Understanding Password Hierarchy](#understanding-password-hierarchy) * [Password Requirements](#password-requirement) * [Incorrect Password Entries](#incorrect-password-entries) * [Forgotten Passwords](#forgotten-passwords) * [Change Administrator Password](#change-administrator-password) * [Change Merchant Password](#change-merchant-password) * [Password Protection for Functions and Transactions](#password-protection-for-functions-and-transactions) * [Reimbursement Passwords](#reimbursement-passwords) * [Sales Transaction Passwords](#sales-transaction-passwords) * [Application Exit Password](#application-exit-password) *** ### Understanding Password Hierarchy The terminal uses passwords for different user levels. The user levels follow a hierarchy, and a “higher” level password can enable a function (or override a password) for a “lower” level user. For example, an operator can use the Merchant password to enable a password-protected sale, while an Administrator password can unlock functions that require a Merchant password. The hierarchy of passwords is the following: | **User Level** | **Description** | | ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Administrator** | Configured when you activated your terminal, the **Administrator** password can protect the terminal against unauthorized reimbursements in the Secure Payment application's payment module. You can use the **Administrator** password for any function that requires a **Merchant** or **Operator** password. | | **Merchant** | Configured when you activated your terminal, the **Merchant** password protects the terminal from completing certain sales and reimbursement functions without authorization. You can use the **Merchant** password to complete a transaction when **Operator** identification requires a password to process a sale. | | **Operator** | Assigned when creating one or more terminal operators. Can be enabled to protect unauthorized sales when paired with the associated operator ID. | *** ### Password Requirement When setting passwords on your payment terminal, you must respect the following parameters: * Passwords must be 6 characters long * The Administrator and Merchant passwords cannot be the same (can’t match) * You cannot use the same digit 6 times consecutively (for example: 111111 or 777777) * You cannot use 6 consecutive numbers, either ascending or descending (for example: 123456 or 987654) *** ### Incorrect Password Entries If you enter a password incorrectly, the terminal displays an *Access refused* error message. Touch the error message to return to the **Password** field and re-enter the required password. If you are unable to remember the required password, you can use the Merchant or Administrator password, depending on which password you can't remember. Refer to [*Understanding Password Hierarchy*](#understanding-password-hierarchy) or [*Forgotten Passwords*](#forgotten-passwords) for more information on which passwords can "override" others. *** ### Forgotten Passwords If a user forgets a password, the password reset procedure depends on the terminal user profile. The following table explains who can reset which password and which procedure to use: | **Terminal user** | **Who can reset** | **What to do** | | ----------------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **Administrator** | PayFacto Support |

The Administrator password can only be reset with a Superuser password, which requires the assistance of Technical Support.

Refer to the Obtaining Support procedure.

| | **Merchant** | Administrator |

A Merchant password can be reset using the Admin password.

Refer to the Change Merchant Password procedure.

| | **Operator** | Administrator or Merchant |

Operator passwords can be reset using the Admin or Merchant password.

Refer to the procedure.

| *** ### Change Administrator Password As part of your original terminal activation, you set an Administrator password. The Administrator password provides access to advanced terminal functions and can also enable password-protected operations. You can change the Administrator password whenever you feel it necessary. {% hint style="info" %} NOTE: Do not forget the new Administrator password; the only way to reset it is to contact PayFacto support. {% endhint %} #### **To change the terminal's Administrator password:** 1. From the main screen, touch the **Menu** button.
2. Enter the merchant password and touch **Confirm**. 3. Scroll to the **Configure application** section. 4. Touch **Passwords**. 5. Scroll to the **Set passwords** section. 6. Touch **Administrators**. 7. Enter the current Admin password in the **Password** field and touch **Confirm**. 8. Enter a new 6-digit numeric Admin password in the **Password** field.\ Keep in mind the [password requirements](#password-requirement) when setting the new Admin password. 9. Re-enter the new password in the **Confirm new password** field. 10. Touch the **Confirm** button; the new Admin password is saved and the *Passwords* screen appears.\ If the passwords do not match, a message appears and the password is not changed. Re-enter the password; if needed, touch the **Show password** icon to ensure the passwords match.
11. If you have more than one terminal, repeat steps **1** to **10** for each additional terminal where you want to change the Admin password. *** ### Change Merchant Password As part of your original terminal activation, you set a Merchant password. The Merchant password protects against unauthorized users performing certain operations. You can change the Merchant password whenever you feel it necessary. {% hint style="info" %} NOTE: Do not forget the new Merchant password; the only way to reset it is to use the Admin password or to contact PayFacto support. {% endhint %} #### **To change the terminal's Merchant password:** 1. From the main screen, touch the **Menu** button.
2. Enter the merchant password and touch **Confirm**. 3. Scroll to the **Configure application** section. 4. Touch **Passwords**. 5. Scroll to the **Set passwords** section. 6. Touch **Merchant**. 7. Enter the Admin password in the **Password** field and touch **Confirm**.\ Requiring the Admin password prevents unauthorized changes to the Merchant password. 8. Enter a new 6-digit numeric Merchant password in the **Password** field.\ Keep in mind the [password requirements](#password-requirement) when setting the new Merchant password. 9. Re-enter the new password in the **Confirm new password** field. 10. Touch the **Confirm** button; the new Merchant password is saved and the *Passwords* screen appears.\ If the passwords do not match, a message appears and the password is not changed. Re-enter the password; if needed, touch the **Show password** icon to ensure the passwords match.
11. If you have more than one terminal, repeat steps **1** to **10** for each additional terminal where you want to change the Merchant password. *** ### Password Protection for Functions and Transactions For added security, you can require the Merchant password for certain functions or transactions before the operation can proceed. By default, this security measure is enabled for the following functions and transactions: * [Reimbursements](#reimbursement-passwords) (refund and void) * [Sales transactions](#sales-transaction-passwords) (cash, force post, swipe) * [Exiting the Secure Payment application](#application-exit-password) By default, all of the operations listed above have password protection enabled. Reimbursement transactions are always password protected, but you can select if the transaction requires the Admin or Merchant password. You can disable the password protection on certain sales transactions and exiting the Secure Payment application if desired, but that leaves the terminal vulnerable to unauthorized use where any person could perform those functions. {% hint style="info" %} NOTE: To ensure the security of your transactions, it is strongly recommended that you enable the use of passwords for the selected functions. {% endhint %} *** ### Reimbursement Passwords As a security measure, the Secure Payment application requires a password before processing reimbursement transactions. You can choose which password to require (Admin or Merchant) or you can disable passwords for reimbursements, depending on your preference. By default, refunds require the Admin password and voids require the Merchant password. {% hint style="warning" %} IMPORTANT! If you disable passwords for reimbursement transactions, anyone can process a refund or a void without supervisory or management knowledge or approval. To prevent possible fraudulent reimbursements, you should maintain password protection as part of the reimbursement process. {% endhint %} #### **To set the required password for reimbursements:** 1. From the main screen, touch the **Menu** button.
2. Enter the merchant password and touch **Confirm**. 3. Scroll to the **Configure application** section. 4. Touch **Passwords**. 5. Scroll to the **Require password for transactions** section. 6. Touch **Refund transactions**; the *Password on refunds* screen appears.
7. Select the desired password by touching **Merchant** or **Admin** or touch **No password** to disable password protection for refunds.
8. Touch the **Back** icon to return to the *Passwords* screen. 9. Touch **Void transactions**; the *Password on voids* screen appears.
10. Select the desired password by touching **Merchant** or **Admin** or touch **No password** to disable password protection for voids.
11. If you have more than one terminal, repeat steps **1** to **10** for each additional terminal where you want to set the required passwords for reimbursement transactions. {% hint style="info" %} NOTE: If you disable password protection in either step **7** or **10**, you can re-enable the password by using this procedure and selecting the desired password for each transaction type where you disabled the password. {% endhint %} *** ### Sales Transaction Passwords By default, less commonly used sales transactions (cash sale, force post, and swiping the payment card) require the Merchant password before they can be processed. You can choose whether or not to require the Merchant password, depending on your preference. #### **To select password protection for certain sales transactions:** 1. From the main screen, touch the **Menu** button.
2. Enter the merchant password and touch **Confirm**. 3. Scroll to the **Configure application** section. 4. Touch **Passwords**. 5. Scroll to the **Require password for transactions** section. 6. Enable the use of the Merchant password by toggling the following switches to the right: * **Force post** * **Cash** * **Swipe**
7. Disable the use of the Merchant password by toggling the previously listed switches to the left. 8. If you have more than one terminal, repeat steps **1** to **7** for each additional terminal where you want to set password usage for sales transactions. *** ### Application Exit Password By default, the Secure Payment application requires the Merchant password before you can exit. You can choose whether or not to require the Merchant password, depending on your preference. {% hint style="info" %} NOTE: Be aware that if you disable this function, the Secure Payment application's payment module can be closed at any time by anyone, whether intended or not. {% endhint %} #### **To enable or disable the Merchant password before exiting:** 1. From the main screen, touch the **Menu** button.
2. Enter the merchant password and touch **Confirm**. 3. Scroll to the **Configure application** section. 4. Touch **Terminal options**. 5. Scroll to the **General** section. 6. Enable the use of the Merchant password before closing the payment module by toggling the **Ask password on exit** switch to the right.
7. Disable the use of the Merchant password before closing the payment module by toggling the **Ask password on exit** switch to the left.
8. If you have more than one terminal, repeat steps **1** to **7** for each additional terminal where you want to set whether or not to use the Merchant password before exiting the application.