Setting the password
Defining the security level
The administrator can define three securities modes for the password to access the platform:
- The high-level mode guarantees that the password is long, at least 8 characters, and contains at least 2 different types of characters including lower case, upper case, numbers and special characters. Then he/she verifies with the Cracklib library that it is not too similar to the login, email, name, first name or a word occurring in the dictionary. Repetition and palindromes are not allowed either.
- In the medium-level mode the rules are the same as in the high-level mode, but there is no comparison with words in the dictionary or detection of simple forms.
- In the low-level mode the length of the password is not checked but only the similarity (mathematical distance) with the user's name. Depending on the user's name, the system may let the user choose a password with one single letter.
An account is suspended after 5 unsuccessful attempts. It is re-enabled automatically after a period of 10 minutes; it is not possible to reactivate it manually.
Go to the administration interface, 'Settings' tab, to change the security level of the password.
Generating a password for the user
If a user has problems logging in, the administrator can generate an email to reset the password to the user with a unique link which is valid for one hour. He/she can also define a temporary password for the user.
- Go to the administration interface 'Users' tab.
- Identify the user on the list in the 'Options' menu, and click on 'Defining a password'.
- Generate an email with a reset link.
- Or generate a temporary password.