User Security

A user's security profile determines their user name, user group, employee and/or provider association, and alert subscriptions.

In the Main Menu, click Setup, Security, Add User.

Alternatively, in the Main Menu click Setup, Security, Security Settings, then on the Security Window click the + icon in the Users grid.

Passwords can be assigned here, but each user can also change their password via the File menu. When using Clinics, users can have a default clinic, and optionally be restricted to certain clinics.

Related Links: Security, Alert Subscription, Change Password, Security Permission Details.

Note: For HIPAA compliance, each user should have a unique, protected password that only they know. This is especially important for providers because some actions performed when the provider is logged-on are the same as signing off, such as writing procedure notes or electronic prescriptions.

Edit a User

To edit a user, double click an existing user on the Security window.

User ID: This is a system generated unique identifier that is useful for third party reporting.

Domain User: Only visible if Domain Login (Single Sign on) is turned on. Click [...] and select the domain user.

Name: Enter the employee's user name for logging on to Open Dental.

DoseSpot User ID: If this is a provider using DoseSpot eRx, enter the user ID assigned by DoseSpot. For providers with multiple DoseSpot User ID numbers, click [...] to add the corresponding DoseSpot User ID for each clinic. See DoseSpot Setup.

User Group: Highlight the User Groups the user will be assigned to. Users can be assigned to more than one group. User groups control which permissions a user has.

Employee (for timecards): Highlight the employee associated with the user. Required for offices using time clock.

Provider: Highlight the provider associated with the user.

Create Password: Click to create the password the user will use to log on to Open Dental. If a password exists, the label will be Change Password.

Enter the password, then click OK. By default the password shows as asterisks. To instead show the character in readable text, click Show.Note: Once logged on, each user should immediately change their password

Require Password Reset: (optional) Check this box to prompt the user to reset their password upon first log in.

Clinics tab: If using Clinics, click the Clinics tab, then assign the user a default clinic and associate clinics to the user (restrict). See Assign Clinics below

Alert Subs tab: Subscribe the user to specific alerts. See Alert Subscription. Alerts show in the main menu to notify the user about important information.

Is Hidden: Hide this user from the Log On window. Useful when an employee leaves the office. Users cannot be deleted.

Unlock Account: Manually unlock an account. For steps, see Unlock Account. Accounts are temporarily locked for five minutes after more than five consecutive failed attempts to log on to Open Dental or the Mobile Web. This button only shows when editing a user.

Note: To open the Security window, users must have the Security Admin permission. To add a user via Setup, Security, Add User, the user must have the Security Admin or Add User permission, and a default user group must be selected in Global Security Settings.

Assign Clinics

Clinic assignment affects a user's default clinic as well as the clinics a user can access.

On the User Edit window, click the Clinics tab. This tab is only visible when Clinics is turned on.

User Default Clinic: Highlight the user's default clinic. Only one option can be selected. If All is selected, Headquarters will be the default. Usually this clinic will be selected automatically when the user logs on.

User Restricted Clinics: Associate a user to one or more clinics (optional). See below for a list of items that are affected by clinic restrictions.

  1. Highlight the clinics the user should have access to. To select multiple clinics, click and drag, or press Ctrl while clicking.
  2. Check Restrict user to only see these clinics.

When a user is restricted to specific clinics, the following limitations will occur:

When providers are restricted to clinics, it may affect the available provider options in some areas (e.g. only providers who have access to a clinic are options). These areas include:

Example: If Provider A is restricted to Clinic A, Provider A will not be an option for primary or secondary provider when editing patient information for a patient assigned to clinic B.

Technical Details

As of 18.3, password hashing has been updated from the MD5 encryption standard to SHA3-512.