Currently, the PAC override password, available in Profiles -> PAC -> Patron Access Options -> Log In tab, is a static, set and forget password. Often, that password is indeed forgotten because it's not used all that often. However, when it is used, there's a good reason for it. I believe this remains useful functionality, but I also believe that a static, universal patron access password is a security issue for patrons and staff alike.

My idea is that, if an ILS Admin needs a PAC override password to troubleshoot an issue on the PAC or within Vega, then one should be generated on demand and expire after one minute or after a single use, whichever comes first. Additionally, the generation of a PAC override password should be tracked in PolarisTransactions, specifically to mark who generated the password.

This way, there’s no documentation floating about with a universal key to patron accounts on the PAC. Polaris admins can get the password as they need it, when they need it, and then forget about it when they’re done with it.

While I know this would likely be a more Vega focused feature, the reality is that there are a lot of libraries out there who will remain on PowerPAC for the foreseeable future simply because of the costs involved with switching to Vega. That in mind, I think this idea would be better placed in Polaris SA for all users, regardless of their discovery solution, rather than in a Vega admin panel for Vega customers only.