The administrator can define three securities modes for the password to access the platform:
- The high-level mode guarantees that the password is long, at least 8 characters, and contains at least 2 different types of characters including lower case, upper case, numbers and special characters. Then he/she verifies with the Cracklib library that it is not too similar to the login, email, name, first name or a word occurring in the dictionary. Repetition and palindromes are not allowed either.
- In the medium-level mode the rules are the same as in the high-level mode, but there is no comparison with words in the dictionary or detection of simple forms.
- In the low-level mode the length of the password is not checked but only the similarity (mathematical distance) with the user's name. Depending on the user's name, the system may let the user choose a password with one single letter.
An account is suspended after 5 unsuccessful attempts. It is re-enabled automatically after a period of 10 minutes; it is not possible to reactivate it manually.
Go to the settings of the interface interface, 'Security' tab, to change the security level of the password.