Versions Compared

Old Version 20

changes.mady.by.user Denise McGettigan

Saved on

compared with

New Version Current

changes.mady.by.user Denise McGettigan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To set password policies such as automatic expiry, length, character requirements etc, select Administration > Configuration.

Go to the Password policy section of the screen.

Image Removed
Info
iconfalse
titleRelated articles
tip

Password authentication in Phocas

  • Phocas authentication

  • - This is the default, with users and passwords stored in the Phocas system. If your site uses Phocas authentication you can set a site-wide password policy.

  • LDAP/Active Directory

Administrators with permission can set password policies, such as automatic expiry, length, character requirements and so on.

In the Phocas menu, click Administration > Configuration. The Password

policy options

Policy settings are at the top of the General tab.

image-20240717-235449.pngImage Added

Set your required password policy:

  • Automatic expiry (

the

  • days): The number of days

for which

  • a user’s password will remain valid before it expires, forcing the

use

  • user to reset their password when they next attempt to

log on)

  • sign in. An administrator can also reset passwords.

  • Minimum length of a password.
    • Failed login attempts. If this

    • Select the duration from the dropdown list.

    • Failed sign in attempts: The number of times a user can try to sign in to Phocas before they are locked out of their account. By default, this is two attempts. If this setting is left blank or set to 0,

    there will

    • there’ll be no limit

    of

    • to the number of times a user can

    attempt to login
     Note. LDAP accounts are not subject to lockout.
  • Minimum number of upper case letters 
  • Minimum number of numeric characters.
  • Minimum number of special characters.
  • Whether users are prevented from changing their own password.
    • Whether 'Remember me' is disabled on the sign-in screen

    • Minimum length: The minimum length of a password. By default, this is 8 characters.

    • Minimum uppercase letters, numbers, and special characters: The minimum number of uppercase letters, numeric characters, and/or special characters that users must have in their passwords. By default, these are all 0.

    • Password cannot be username: This checkbox is selected by default, which means that users can’t include their username in their passwords. Clear this checkbox if you want to allow users to include their usernames in their passwords (not recommended).

    • Prevent users from changing password: Select this checkbox to prevent users from changing their own password. If checked, non-administrators will not be able to change their password.

    More about user passwords

    Other tools and settings are available to help

    administrators

    you manage user passwords

    . These are covered on

    ; see the Manage user passwords page.

    Related pages