Versions Compared

Old Version 23

changes.mady.by.user Denise McGettigan

Saved on

compared with

New Version Current

changes.mady.by.user Denise McGettigan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Password authentication in Phocas

  • Phocas authentication - This is the default, with users and passwords stored in the Phocas system. If your site uses Phocas authentication you can set a site-wide password policy.

  • LDAP/Active Directory - LDAP (Lightweight Directory Access Protocol) authentication can be configured during installation. User passwords take on AD protocols and administrators will not see any Password policy options.

Administrators with permission can set password policies, such as automatic expiry, length, character requirements and so on.

Click In the Phocas menu button > , click Administration > Configuration and scroll down to the Password Policy section.

Image Removed

. The Password Policy settings are at the top of the General tab.

image-20240717-235449.pngImage Added

Set your required password policy:

  • Automatic Expiry - expiry (days): The number of days for which a user’s password will remain valid before it expires, forcing the use user to reset their password when they next attempt to log onsign in. An administrator can also reset passwords.Failed Login Attempts - If this . Select the duration from the dropdown list.

  • Failed sign in attempts: The number of times a user can try to sign in to Phocas before they are locked out of their account. By default, this is two attempts. If this setting is left blank or set to 0, there will there’ll be no limit of to the number of times a user can attempt to logintry to sign in. LDAP accounts are not subject to lockout. See how to unlock a user's account.  Note. LDAP accounts are not subject to lockout.

  • Minimum Length - length: The minimum length of a password. Minimum Number of… - By default, this is 8 characters.

  • Minimum uppercase letters, numbers, and special characters: The minimum number of upper case uppercase letters, numeric characters, and/or special characters that users must have in their passwords.Disable ‘Remember Me’ on sign in page - Select this checkbox to remove the Remember Me option from the sign in page. By default, these are all 0.

  • Password cannot be username: This checkbox is selected by default, which means that users can’t include their username in their passwords. Clear this checkbox if you want to allow users to include their usernames in their passwords (not recommended).

  • Prevent users from changing password - : Select this checkbox to prevent users from changing their own password. If checked, non-administrators will not be able to change their password.

More about user passwords

Other tools and settings are available to help you manage user passwords; see the Manage user passwords page.

Related pages