• When the checkbox for "Do not require login" is enabled in the Security section of Corporation Settings, a link to a transaction sent in an email becomes a permanent security issue. If the user forwards this email to someone else, then that other person can always automatically enter the system as that user.
  
  To improve security in this area while still giving password users the convenience of not needing to authenticate, we now provide the ability to set an expiration time for these links. When you check the box, the time control is now shown. You can set a number of hours or days.

When a user tries to follow a link that has expired, they're given these options:

The option at left sends a new email to the original user, with a freshly generated link. So then if it was someone else who was trying to use the link, the original user finds out about it, and is directed to contact system administrators. Or the user can click on the right-hand option and just log in with their password in the normal way.

• In the Batch Processes grid in Administration, putting a filter on the grid that returns no results now has the same result as doing so on other grids: you see a blank grid...and not a full-screen error message.

• In a transaction's history grid, when we added a new column to record full names instead of just email addresses, we seem to have accidentally removed the ability to export the grid to Excel. That's back now.