Documentation

Password management for Regular users

Password management features available for Regular users

  • Regular users can always change their own passwords: This option is available to them on their profile page. They will see a Change password link in the right hand actions portlet.
    6.7Admin8754ProfileChangePassword.png
 
  • Regular users can reset their own password if they forget it: The forms login page has a Forgot password link that Regular users can use should they forget their passwords. This will send them an email with a link that allows them to reset the password. There is no need for administrator intervention.
    6.7Admin8754ForgotPassword.png
Note: Regular user passwords will never expire. 

Strong password policy

Strong passwords are enabled by default for Regular users. This means that administrators and users can only set passwords that meet the minimum strong password requirements. All strong passwords must contain the following:
  • at least 8 characters
  • at least one lowercase letter
  • at least one number or special character
  • at least one uppercase letter

Change strong password policy for Regular users (7.1.0)

  1. Go to the Administration panel: Authentication section > Settings page.
  2. In the Regular user authentication settings section set the checkbox "Require strong passwords for regular users" to the desired value.
    6.7Admin8754StrongPassword.png
  3. Scroll to the bottom and click Save changes.
     

Change strong password policy for Regular users (7.1.1)

  1. Go to the Administration panelAuthentication section > Regular user settings page.
  2. Under Strong passwords set the checkbox "Require strong passwords for regular users" to the desired value.
    6.7Admin8754StrongPassword.png
  3. Click Save changes at the bottom.

Password lockout

You can configure the password lockout for failed password attempts. This will lockout any Regular user account for a specified period of time after a configured number of failed tries.

Configure password lockout for Regular users (7.1.0)

  1. Go to the Administration panel: Authentication section > Settings page.
  2. Go to the Regular user authentication settings.
  3. Under Password security, fill out the desired values X and Y for "Password attempts before lockout [X] and a password expiry of [Y] minutes."
    6.7Admin8754PasswordLockout.png
  4. Scroll to the bottom and click Save changes.

Configure password lockout for Regular users (7.1.1)

  1. Go to the Administration panelAuthentication section > Regular user settings page.
  2. Under Password security, fill out the desired values X and Y for "Password attempts before lockout [X] and a lockout duration of [Y] minutes."
    6.7Admin8754PasswordLockout.png
  3. Click Save changes at the bottom.