ESS employee profile is currently created by a background process which bypasses the security framework.

This process is insecure because the security question and answer is blank and the user is automatically approved.

To resolve this issue, the following changes will be made:

1. Add a utility option to "Create Web Login" which will prompt a username and display the registered email address.
   1. Call the security framework to create the user if the user does not exist. The security framework will send an email similar to the new user registered.
   2. If the user exists, all fields are read only.
2. When an employee profile is saved, call the security framework passing details. 
   1. Details include active/inactive which will approve/disapprove the employee.
   2. Email address
   3. Phone number
   4. Employee Name
3. Remove the configuration for ESS username format.
4. Remove the background process that creates employee profile in ESS.

Functionality consideration:

1. Upload of an employee will create the employee profile without the ESS login. Administrators will have to manually create the ESS profile and link the employee.
2. If the web login username is blank, the web user profile will not be created.

The current process is as follows:

1. Employee profile is created with random encrypted password and Salt
2. The user has to recover the password. This is sent to their registered email address.
3. The user then logs in and changes the password and enters their security question and answer.