Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Contact Us
English (US)
US English (US)
ES Spanish
  • Home
  • Pak Accounting
  • Utilities
  • Global
  • User Level Security

User Level Security

Written by Brandy Burch

Updated at March 21st, 2025

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Home

  • Pak Accounting

      Table of Contents

      Setting up Users Basic: Adding a New User - User Security is not required Advanced: Turning on System Security NOTES for User Security: Edit Company Level Access Edit Security for Modules and Menues Edit Security for Accounts, Bank Codes and Journals Edit Security for View Trend List Utility

      Setting up Users

      This is done from the Utilities > Global > User Level Security.

      Basic: Adding a New User - User Security is not required

      NOTES:

      • If you only need to keep other users completely out of a system, use the password option found on the Maintenance screen in General Ledger and Payroll. Each set of books and major system can have its own password. However, be careful! If those passwords are lost or forgotten, they cannot be easily recovered.
      • The user will be denied any access to that company after three unsuccessful attempts.

      Click on Add to add users.

      User ID Enter the user ID and Name, typically their initials. It can be 1, 2, or 3 characters - alpha-numeric field. NOTE: The following characters are not allowed in the UserID: [.'\','/',':','*','?','"','<','>','|'])
      User Name Full name of the user.
      E-Mail Optional
      Classification Classification is used with multiple posting dates; if not using multiple posting dates, keep all users at Class 1). There can be 3 different classes if desired. This will require 3 different posting dates. Determine which users you want to be in each of the three classes and define them in their individual user-level security. Also, make sure that the posting dates for each class are defined in the Posting Allowed Date Range.
      Restrict Signon to Network User Name Optional Restrict Sign on to Network User name—This option restricts the Pak Accounting User ID to the Network user. If a network User ID is specified and the option is checked, then only a user logged into the specific workstation with that network ID can log in to Pak Accounting with this Pak Accounting user ID.
      Active/Expiration Date Uncheck this box if the user is no longer with the company. This is preferred over deleting the User ID so that historical change logs will remain intact. Add an Expiration Date if desired. This is helpful if the user will not be leaving the company right away. Once unchecked, if the User Id is used, there will be a message “The access for User: ”Name Here" has expired."
      Phone Extention Optional
      Password not Required

      Check the box to not require a password to be entered for this user. The user just enters the user ID to get into Pak Accounting.  

       

      If a password is desired, leave the box unchecked, the password will be entered the first time the user goes into Pak Accounting.  If a manager desires to set a password for a user, simply log in as that user and set the password. 
      The password can be up to 30 characters long but must be at least 8 characters long. It must also have at least one letter and one non-alpha character (e.g., number, special character, etc.). It cannot be the same as the current and previous 9 passwords used.
      Days Before Password Resets If a user forgets their password, the manager (user with Full access) can select the this button, and the User
      Reset Password This field is optional. Entering a number will turn on the feature (0 keeps the feature turned off; the password will not expire). Set the number of days that the system will require the User to enter a new password (i.e., the prior password will expire).  

       

      Advanced: Turning on System Security

      In addition to the above information, the following will need to be set up. 

      Step 1:  Setting up the individual users.

      Step 2:  Enabling the security system: System Options.
      WARNING! Make sure you have the users set up (step 1) BEFORE you enable the global security option (step 2)!  If you do step 2 first, there will be NO authorized users -- including yourself -- and everyone will be locked out.  Make sure you have a user authorized for everything, specifically the global file that sets up Security.

      User Access Management Best Practices

      The recommended best practice involves a counterintuitive but effective strategy: initially granting full system access and then methodically removing unnecessary specific permissions. This approach ensures a comprehensive initial setup before fine-tuning individual user capabilities.

      • Start with full system permissions
      • Progressively remove unnecessary access rights
      • Verify permission restrictions through systematic testing\
        • To test permissions - the one who set the permission has to close out of the User Security menu. The user who is being restricted will need to log out of Pak and log back in. 
      • Regularly audit user access settings

      To effectively restrict user access, administrators should:

      1. Review all available permission levels
      2. Disable specific module and function permissions
      3. Confirm access limitations through test accounts
      4. Document each access modification

      By following these strategic guidelines, organizations can create a robust and secure user access framework within their accounting system, minimizing potential security risks while maintaining operational flexibility.

       
      Default Access Level 

      Enter the level most used by this user. This can be overriden at the company level.

      • No Access
      • List/View Only
      • Chg and List/View - Users with at least a Change security level can:
        • Make real-time changes in the View Trend - View Detail by Journal Screen
        • Change and/or move entries, account # Sub-Account, effective date, or invoice date via right-click on the View Detail by Account screen.
        • Change Discount Values (Right-click on View Detail by Journal.)
      • Add, Chg, and List/View. Users with at least an Add security level can:
        • All the above, plus
        • Split or Unsplit transactions into two transactions (right-click on the View Detail by Account screen or by Journal screen)
      • Del, Add, Chg, and List/View (Full Access). Users with Full Access (Delete) security level or Unpost Entries can:
        • All the above, plus
        • Unpost by Journal or Journal/Reference (right-click on the View Detail by Account screen or by Journal screen)
          NOTE: To inactivate a user, uncheck the Active box next to Access Level which will automatically change the user to no access and remove all company overrides. This event will be logged in the Change Log, on the Security Master Listing and Security Grid Views.
      View/Change Sub-Account Tax ID
      • Full Access - The user can view/change the Owner Tax ID.
      • View-Only - The user can only view the Owner Tax ID.
      • View Last 4 Digits - The user can only view the last 4 digits of the Owner Tax ID.
      • View Presence - (Default) user only sees Has TaxID, Has Acct or item is "Blank". 
      View/Change Owner Bank Account: select one of the four options for each user
      • Full Access - The user can view/change the Owner Bank Account.
      • View-Only - Thbe user can only view the Owner Bank Account information on the ACH tab.
      • View Last 4 Digits - The user can only view the last 4 digits of the Owner Bank Account.
      • View Presence - The user will not see the ACH tab.
      By Company Security Tab

      This tab allows you to set security at a company level. *ALL* is automatically added once you save the User ID to allow you to set user access for all companies on Pak Accounting.

      • Right-click in the empty space in the By Company Security tab to add an individual company.

      NOTE: If a user has access to only certain companies, they will only have access to these in company lookups.

      NOTES for User Security:

      • If user-level security has been enabled and a user does not have access to a specific company, that company will not appear in the company drop-down list when that user logs in.
      • A user cannot delete their own security account or remove their own ability to get into security maintenance.
      • Right-clicking in the bottom half of the Security Maintenance screen and choosing List User/Company Access provides a Security Master Listing for one user or range of users, along with the options to print security for one or all companies and overridden details.

       

      Edit Company Level Access

      Double-click on *ALL* (or individual company if set up) to edit the company-level access

      Edit Security for Modules and Menues

      Once at the company level, set user access by individual screens within each system. 

      1. Click on the Expand All or + button to expand the menu. 
      2. To collapse the menu, click on the Collapse All or—button. 
      3. Double-click on an item to bring up a pop-up box and specify the level of security for the current item. See the example below. 
        1. Notice the outline is the same as the menu tree in Pak. 
        2. Changing the security will change all sub-categories under the header by default. However, you can expand the header and set further security at the menu level. 

       

      Edit Security for Accounts, Bank Codes and Journals

      You can also restrict access by Account, A/P Coding Accounts, Bank Code, or Journal at the company level. Under Restrictions, double-click on the category and then select the items to restrict access.

      • This is only available on the individual company-level setup. Not on the *ALL* company level setup
      • The intent of restrictions is to limit viewing/reporting, not coding or input.
      1. If it is necessary for a particular user to not view certain account(s), simply choose the account(s) in the View Accounts restriction and use the red/blue arrows (the red arrow will move one account at a time; the blue arrow will move all accounts) to move them to the right side of the Accounts Selection screen, and then save. When that user logs in, they will not be able to view the selected accounts in View Trend (F4), run a ledger listing, or view the restricted accounts in a journal listing. The user will be able to make an entry in General Ledger Entries or, if the restricted account is a cash account, choose that account to pay an A/P invoice.
        • The A/P Coding Accounts restriction allows for selected accounts to be restricted for coding A/P invoices.
        • The Bank Account restriction limits viewing to bank codes chosen to be excluded. The user will not be able to view a check register, export a positive pay file, or view cash disbursements for the excluded bank codes.
        • If selected journals are restricted, the user will not be able to view a journal listing for those journals. View Trend (F4)/View by Account level will blackout the detail on the part of the entry that pertains to the restricted journal. The "Detail by Journal" level will only allow the user to view the part of the entry that does not pertain to the restricted journal. The ledger listing will let them view the total amount for an entry that is restricted but will include a restricted entry on the ledger listing for the journal that is restricted.
        • The Sub-Tables restriction will allow the user to see the name/address only of the Sub-Accounts within the restricted Sub-Table(s). The security is consistent with the fields displayed within the lookup function.
      2. Directly underneath the Restrictions menu is the Permissions menu. The permissions menu allows a user to have permissions for certain functions only regarding Account, Time Entry, Number Master, and Journal Entry.
        NOTE: The intent of permissions is to allow a user to have a certain capability.
        • The Account permissions allow the user to enter an account. The Account(s) that are moved to the right side of the screen via the red/blue arrows are the accounts that the user will have access to.
        • The Time Entry allows the user to enter time for selected employees. The employees moved to the right side of the screen via the red/blue arrows are the employees to whom the user will have access to enter time.
        • The Number Master Permission allows selected System IDs (modules) to be accessed in regard to the next number assignment. found in the Utilities module/Next Number Assignment. This is accomplished by moving the modules to the right side of the screen, where the user is allowed to change the next number assignment.
        • The Journal Entry Permission allows the user to access selected journals for journal entries by moving them to the right-hand side of the screen using the red/blue arrows. This allows the user to make entries to the selected journals.
          NOTE: Right-clicking on the User Security Maintenance screen will provide a list feature that shows the security listing, or tree, for that particular user.

       

      Edit Security for View Trend

      View Trend is divided into three screens:  Summary, Detail by Account, and Detail by Journal. The ability for a user to view or not view either of these screens is determined by this one setting:

      If a user can view the [F4] view screen, the security on the Real-time change functions of both the Detail by Account and the Detail by Journal screens is based on the user's access to the Unpost Entries screen (General Ledger > Manual Entries > Unpost Entries).

       

      List

      The security listing provides information about each user's security settings, including the date the security originated and any changes.

      Utility

       Utility to copy one user's security settings to another user.  

      1. Can copy from a user in another company. This utility will also copy company-level security to another company for the same user.
      2. Ticket Security.
      3. Check Approval.

      Also see: Alerts

      user security system security company security

      Was this article helpful?

      Yes
      No
      Give feedback about this article

      Related Articles

      • Report Security Features
      • Security in Employee Master Maintenance

      Copyright 2025 – PakEnergy.

      Knowledge Base Software powered by Helpjuice

      Expand