Posts Tagged: v4.38

MIDAS v4.38 Out Now!

We have a new update available to our MIDAS booking software. This update includes improvements to custom fields, booking requests, printing, privacy, and more.

Here’s what new and improved in v4.38…

Authenticator App Support

Authenticator app support
New 2FA Options in MIDAS v4.38

Since 2015, all MIDAS room booking systems have included optional two-factor authentication (2FA). If enabled, this adds an additional layer of account security to our software.

With Two-Factor Authentication enabled, each time a user logins in, a code is sent to their email inbox. The user must then enter this code into MIDAS in order to complete their log in.

MIDAS v4.38 now additionally supports TOTP authenticator apps – including Google Authenticator and Microsoft Authenticator – as an alternative 2FA login option – Read more…

2FA Per User Account

In addition to supporting authenticator apps, we’ve also made two-factor authentication a ‘per user’ setting, rather than a ‘global’ setting.

This allows administrators to set 2FA methods for each individual user account.

Per-User Two Factor Authentication Login Settings
Per-User Two Factor Authentication Login Settings

Reinstall Current Version

For self-hosted customers, we’ve improved the MIDAS installer to allow re-installing your current software version without affecting your existing data/settings.

So if you accidentally delete a core file within your MIDAS installation on your web server, you can re-install MIDAS without loosing any data!

Improved Security Audit

All MIDAS systems come with a built in ‘Security Audit’ tool to assess the security of your booking system. This tool may either be run on-demand or regularly scheduled.

For MIDAS v4.38 we’ve included a new check as part of these ‘Security Audits’. This new check will alert you if there are any ‘obsolete’ user accounts within your MIDAS system. An ‘obsolete’ user account is considered to be any user account which has not been logged into for at least 6 months.

Improved Booking Grid performance

The ‘Booking Grid’ is the main area where your bookings are visually presented within MIDAS.

We’ve made some improvements to the performance of the booking grid in v4.38 by reducing the amount of data that’s initially loaded when viewing bookings for any given date.

For busy organizations with hundreds of bookings across their venues in any given day, the amount of data being loaded in the booking grid was significant, and could lead to sluggish loading.

We’ve significantly improved this for v4.38, meaning that large quantities of bookings now load and display faster than ever!

Other Improvements

This latest version of MIDAS also includes stability and performance improvements and fixes for several issues that have been detected or reported since the previous release (v4.37) – View the complete v4.38 changelog….

How To Get MIDAS v4.38…

New to MIDAS?

You can try MIDAS v4.38 for FREE with no obligation to buy!

There’s both a functional online public demo, and you can also try MIDAS free for 30 days.

We offer a choice of both cloud and self hosted solutions. So if you’re ready to get MIDAS working for your organization, purchase or subscribe today via our secure website.

“Self Hosted” Customers:

Self-Hosted customers with active Support Subscriptions can update to v4.38, and it only takes a couple of clicks.

Simply log in to your MIDAS system and go to MIDAS Admin Options → Manage MIDAS → Update.

“Cloud Hosted” Customers:

All our active Cloud-Hosted customers MIDAS systems have previously been update to v4.38.

We seamlessly apply software updates for our cloud hosted customers. So you’ll always have access to the latest features, and never need to worry about running outdated software.

Authenticator App Support

Two-Factor Authentication (sometimes referred to as 2FA) is a more secure method of logging into websites or online services.

Traditionally, when you “log in” to a website or online service, you enter your username (typically your email address) and password. Then you click a button, and if the details you enter are valid, you’re logged in.

Unfortunately, many people reuse the same credentials (username / password combination) again and again for multiple websites and online services. The danger of this is that if one of those services gets “hacked” or suffers a data breach where user credentials are exposed, an attacker could potentially then access all other websites and online services that that person uses.

Two-factor authentication combats this. It does so by employing a secondary means of authentication in addition to the traditional username / password combination in order to authenticate a user’s access.

This means that even if a user’s password has been compromised, an attacker couldn’t then this to gain access to someone’s account.

Two Factor Authentication in MIDAS

Since 2015, all MIDAS room booking systems have included optional two-factor authentication. If enabled, this adds an additional layer of account security to our software.

With Two-Factor Authentication enabled, each time a user logins in, a code is sent to their email inbox. The user must then enter this code into MIDAS in order to complete their log in.

But starting with MIDAS v4.38, we’re improving 2FA options and support in our software!

MIDAS v4.38 (and later) now support authenticator apps – including Google Authenticator and Microsoft Authenticator – as an alternative 2FA login option to email.

Per User Two Factor Authentication Settings

Previously, the 2FA option in MIDAS was a ‘global’ setting. This meant that it could be enabled or disabled for all user accounts at once. It was not possible to have ‘per account’ 2FA settings.

We’ve made this more flexible for MIDAS v4.38!

Now, administrators can set whether 2FA is enabled for each individual user account. The 2FA option for each account can also be set.

Available 2FA options are now:

  • Authenticator App
  • Email

Enabling 2FA Authenticator App Globally in MIDAS

To globally turn on 2FA for all users, administrators can go to MIDAS Admin Options > Manage MIDAS > Security. In the “Two Factor Authentication (2FA)” section, tick the “Enable Two-Factor Authentication For All Users?” box, and then select the “Authenticator App” option:

Global Two-Factor Authentication Options - now includes authenticator apps
Global Two-Factor Authentication Options – now includes authenticator apps

Click “Save Changes” and 2FA via Authenticator Apps will be enabled for all user accounts.

Enabling 2FA Authenticator App For Individual User Accounts

2FA options are also available on a per-user account basis. Administrators can enable, disable, or change the 2FA method on a user account by going to MIDAS Admin Options > Manage Users & Permissions.

Select the user account you wish to enable 2FA for, and choose “Authenticator App” from the “2FA Login” setting:

New per-user Two-Factor Authentication Options
New per-user Two-Factor Authentication Options

Then click “Save Changes”.

How 2FA via an Authenticator App Works

When 2FA authentication via authenticator apps has been enabled on a user’s account, the next time they login, they’ll be presented with a QR Code to scan with their authenticator app:

Setting up your authenticator app upon first login
Setting up your authenticator app upon first login

If they’re unable to scan the QR Code a ‘secret key’ is also provided which can be manually entered into authenticator apps.

The user’s authenticator app will then generate a 6 digit code which they can enter into MIDAS to complete their login.

The QR Code / Secret Key needs only to be scanned/entered into the user’s authenticator app once upon first use. For subsequent logins, the user will simply need to enter the 6 digit code generated by their authenticator app:

Entering a OTP generated by your authenticator app to complete login
Entering a OTP generated by your authenticator app to complete login

Supported Authenticator Apps

Popular FREE authenticator apps supported by MIDAS include:

However, any OTP authenticator app which generates Timed One-Time Passwords (TOTP) derived from a shared secret value and the current time should be compatible. TOTP codes are typically six digits long and change every 30 seconds.

Resetting 2FA

If a user looses their authenticator app, an administrative user in a MIDAS system can change the user’s 2FA method, or reset their authenticator token. By resetting a user’s authenticator token, the next time the user logs in, they’ll be presented with a brand new QR Code/Secret Key to enter into their authenticator app.


2FA login authentication has been available since MIDAS v4.10 (2015). However, this implementation is limited to authentication codes sent to users via email. 2FA could also only be enabled globally (for all user accounts)

2FA login authentication via either email or authenticator apps is available in MIDAS v4.38 or later. These options can be enabled globally, or an a per user account basis.