Changes to your REV23 ID
We're doing some work behind the scenes to provide better security for new and existing REV23 software.
Hello! We wanted to alert you to future updates coming soon to REV23 concerning the security of your account and how these changes affect you and our software.
TLDR; We’re migrating REV23 ID usernames/passwords to a new platform. For the most part this won’t be disruptive to you, but you should be aware of the changes.
As we prepare for the next chapter of REV23 we’ve had to lift the hood and tweak pretty much everything that makes our system tick. While you’re used to just seeing REV23 Desktop on your Windows PC, there an even larger system and infrastructure hard at work behind the scenes. At the core of everything is your REV23 ID, the account you use to sign into this website, comment on blog posts, order products, and activate your software licenses, etc... Currently, your username and password are stored in our custom-built customer relationship manager (CRM) and content management system (CMS) that we call XRMS.
While we used decent enough security techniques at the time, our password hashing algorithm is rather outdated, and we lacked some key technology required to easily support your REV23 ID on other platforms, such as an iOS or Android app.
We’ve been working to migrate user identities to a third-party service which handles the authentication and authorization of your REV23 ID, so this data (i.e. your passwords) will no longer be the responsibility of REV23. Soon, we will launch an update to REV23 Desktop and REV23.com simultaneously to support this new flow, and while we’ve done a lot of work to make this as seamless as possible for you, there are some things to know.
First, when this update is released you will need to migrate your account. How you ask? Just log onto REV23.com with your existing email address and password and your account will automatically be migrated! It’s also important to note that some settings, 2FA (two-factor-authentication) and your existing social logins (Google, Facebook etc…) are not migrated during this process. You will need to reconfigure these connections after migration if you want them enabled.
Next, areas where you use your REV23 ID in our Desktop software needed to be updated as well. When we need you to log on with your REV23 ID, you’ll now see a small browser window pop up for you to sign in. These areas include:
- Activating/validating a software license/subscription.
- Resetting the administrator user password.
Ok, great, migrating your account is easy enough. However, here’s what we know after ten years of working with our users: First, most people don’t read emails, blog posts or any kind of communication. Second, not everyone updates their software right away. So how do we deal with older software versions? Introducing your App Password.
We have repurposed your existing REV23 password to an App Password, which only serves one purpose: to interact with your REV23 ID from older versions of our software. By default, your app password is your REV23 ID password from before the migration. If you forget this password, you’ll be able to regenerate a new app password from your account settings.
Generally, we only support Desktop versions up to 18-months old. REV23 Desktop v18.1 is already greater than 12-months old and all of these changes are being released in an 18.1.5 update, extending the life of 18.1 even further. Later this year, or early next year, older versions of some services will be shut down and the App Password will be removed, which will affect all versions of Tattoo Management Studio, as well as REV23 Desktop v17.1. These services include:
- Software licensing and activation
- Reset Administrator user password (from Control Panel)
- Error reporting
Because of this eventual service deprecation, it would be a good idea to update to 18.1.5 soon after it’s available to avoid disruptions in any of these services and receive the most seamless experience with your REV23 ID as possible.
We don't have a release date on this yet other than "soon." All of this work is happening now (and has been for a few weeks) and will be ready when it's ready, but we wanted to start communicating these changes before going live.
I know there is a lot of tech mumbo-jumbo in this blog post, so I appreciate those of you that hung in there and got to the end. There was one juicy bit of information in this post for those paying attention, and I’m sure that’s right where the questions will go. I can’t say anything additional now, but rest assured, we’ll be talking more about this soon.