Thank you for sharing your insights, especially on database lock, security, and access control, areas I’m not very familiar with. I’d like to share my opinion on some aspects of your discussion.
I particularly like the idea to implement multi-factor authentication for database access control. As a study coordinator working with a database system where I update medical data of subjects, the requirement to change passwords every 90 days can be challenging, especially since I do not access the system frequently (mostly there are 4-6 months follow-up visit according to the protocol). It’s not just about creating new passwords but also ensuring they are different from previous ones. Sometimes, I find myself forgetting my current password. Thus, integrating multi-factor authentication could enhance database security.
However, there are certain limitations to consider. Many study site staff, including myself, often use hospital computers to access the system. Features like fingerprint and face recognition might not be feasible in such environments. Therefore, it would be beneficial if the database system offered a dropdown menu to select the preferred method for identity verification.