System Updates

Minor updates and code changes occur every day. Only significant or noteworthy updates are shown here. Updates shown with a gold background are (or were at the time) only available to Advanced HOPS members.

You are NOT currently subscribed to HOPS compliance system updates. More info

You are NOT currently subscribed to HOPS retail system updates. More info

Recent HOPS Updates Recent Retail System Updates Future Updates Search Results

Time Date	System Updates
Update 1329 4 November 2025	Multi-Factor Authentication MFA is now available to all users in HOPS. Thank you our test guinea pigs for providing useful feedback on this facility. To enable MFA, click the avatar in the top right corner of HOPS and select 'My HOPS Account'. Then scroll down the page to Multi-Factor Authentication, and follow the prompts to set it up. (Note passkeys is not yet available.) For more details, a help page about MFA, with a link to TOTP, is available here: https://www.hops.org.uk/help/mfa (The passkeys page is not yet published so I know that link is dead for the moment.) MFA is not mandatory for any users yet. We have also not promoted it in the general user community. Admins are welcome to make use of it and invite anyone else who they want to to do so. Next steps: We will soon make a permission available that will make MFA mandatory for users with the permission. The permission won't do anything else, we are just using a permission so that all the flexibility of groups and departments etc can be used to allow HOPS Admins to 'set up and forget' which users need MFA as they come and go. Which groups or departments to allocate the permission to will be a matter for individual railways to decide based on what data those groups have access to and the associated risk. Next steps after that: Eventually HOPS will enforce MFA for users with some permissions. The first two are likely to be 015 (permission to administer permissions) and 080 (permission to admin-log-in as a user). Others may follow as cyber-security expectations tighten as time goes on.

Time Date

System Updates

Update 1329
4 November 2025

Multi-Factor Authentication

MFA is now available to all users in HOPS.

Thank you our test guinea pigs for providing useful feedback on this facility.

To enable MFA, click the avatar in the top right corner of HOPS and select 'My HOPS Account'. Then scroll down the page to Multi-Factor Authentication, and follow the prompts to set it up.

(Note passkeys is not yet available.)

For more details, a help page about MFA, with a link to TOTP, is available here: https://www.hops.org.uk/help/mfa (The passkeys page is not yet published so I know that link is dead for the moment.)

MFA is not mandatory for any users yet. We have also not promoted it in the general user community. Admins are welcome to make use of it and invite anyone else who they want to to do so.

Next steps: We will soon make a permission available that will make MFA mandatory for users with the permission. The permission won't do anything else, we are just using a permission so that all the flexibility of groups and departments etc can be used to allow HOPS Admins to 'set up and forget' which users need MFA as they come and go. Which groups or departments to allocate the permission to will be a matter for individual railways to decide based on what data those groups have access to and the associated risk.

Next steps after that: Eventually HOPS will enforce MFA for users with some permissions. The first two are likely to be 015 (permission to administer permissions) and 080 (permission to admin-log-in as a user). Others may follow as cyber-security expectations tighten as time goes on.

Generated at 04:29:36 07/11/2025